jwt 2.4.0 → 2.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +1 -1
- data/.reek.yml +22 -0
- data/.rubocop.yml +9 -23
- data/.sourcelevel.yml +3 -4
- data/CHANGELOG.md +22 -42
- data/CONTRIBUTING.md +99 -0
- data/README.md +9 -19
- data/lib/jwt/algos/ecdsa.rb +22 -11
- data/lib/jwt/decode.rb +2 -0
- data/lib/jwt/jwk/ec.rb +4 -0
- data/lib/jwt/jwk/hmac.rb +1 -1
- data/lib/jwt/jwk/rsa.rb +1 -1
- data/lib/jwt/version.rb +1 -1
- data/lib/jwt.rb +1 -1
- data/ruby-jwt.gemspec +2 -1
- metadata +19 -4
- data/.rubocop_todo.yml +0 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6e7f3474ee58d51ca5646f48ca28bf669b40a4b7676cbe7211597ca6ae69f672
|
4
|
+
data.tar.gz: 570e6930c9094afea40ea8e8a6a7c9b3293890b121893f5148914b0a8e7d11f8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3249529ec6bacc8e655e2830949af61c10e235a569f9dc67d3880335d5939b8afc56c180145d3e02dd09744288d50c31547338e105cf55ae4e0fbe237eb2a0e8
|
7
|
+
data.tar.gz: dd415314a7bd048d8b2b5b630d5b7011128932bf207dc785ac6154748aff68836a1c39e766dc176e225c643fc406fe9fdc5c510b36dc939e36722e327d8fe92f
|
data/.github/workflows/test.yml
CHANGED
data/.reek.yml
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
---
|
2
|
+
detectors:
|
3
|
+
TooManyStatements:
|
4
|
+
max_statements: 10
|
5
|
+
UtilityFunction:
|
6
|
+
enabled: false
|
7
|
+
LongParameterList:
|
8
|
+
enabled: false
|
9
|
+
DuplicateMethodCall:
|
10
|
+
max_calls: 2
|
11
|
+
IrresponsibleModule:
|
12
|
+
enabled: false
|
13
|
+
NestedIterators:
|
14
|
+
max_allowed_nesting: 2
|
15
|
+
UnusedParameters:
|
16
|
+
enabled: false
|
17
|
+
FeatureEnvy:
|
18
|
+
enabled: false
|
19
|
+
ControlParameter:
|
20
|
+
enabled: false
|
21
|
+
UnusedPrivateMethod:
|
22
|
+
enabled: false
|
data/.rubocop.yml
CHANGED
@@ -1,5 +1,3 @@
|
|
1
|
-
inherit_from: .rubocop_todo.yml
|
2
|
-
|
3
1
|
AllCops:
|
4
2
|
TargetRubyVersion: 2.5
|
5
3
|
NewCops: enable
|
@@ -21,43 +19,38 @@ Style/GuardClause:
|
|
21
19
|
Style/IfUnlessModifier:
|
22
20
|
Enabled: false
|
23
21
|
|
24
|
-
Layout/SpaceInsideHashLiteralBraces:
|
25
|
-
Enabled: false
|
26
|
-
|
27
22
|
Style/Lambda:
|
28
23
|
Enabled: false
|
29
24
|
|
30
25
|
Style/RaiseArgs:
|
31
26
|
Enabled: false
|
32
27
|
|
33
|
-
Style/SignalException:
|
34
|
-
Enabled: false
|
35
|
-
|
36
28
|
Metrics/AbcSize:
|
37
29
|
Max: 25
|
38
30
|
|
39
31
|
Metrics/ClassLength:
|
40
|
-
Max:
|
32
|
+
Max: 105
|
41
33
|
|
42
34
|
Metrics/ModuleLength:
|
43
35
|
Max: 100
|
44
36
|
|
45
|
-
|
46
|
-
|
37
|
+
Metrics/MethodLength:
|
38
|
+
Max: 20
|
47
39
|
|
48
40
|
Metrics/BlockLength:
|
49
41
|
Exclude:
|
50
42
|
- spec/**/*_spec.rb
|
51
43
|
|
52
|
-
|
53
|
-
Max: 15
|
54
|
-
|
55
|
-
Style/SingleLineBlockParams:
|
44
|
+
Layout/LineLength:
|
56
45
|
Enabled: false
|
57
46
|
|
58
47
|
Layout/EndAlignment:
|
59
48
|
EnforcedStyleAlignWith: variable
|
60
49
|
|
50
|
+
Layout/EmptyLineBetweenDefs:
|
51
|
+
Enabled: true
|
52
|
+
AllowAdjacentOneLineDefs: true
|
53
|
+
|
61
54
|
Style/FormatString:
|
62
55
|
Enabled: false
|
63
56
|
|
@@ -70,12 +63,5 @@ Layout/MultilineOperationIndentation:
|
|
70
63
|
Style/WordArray:
|
71
64
|
Enabled: false
|
72
65
|
|
73
|
-
|
66
|
+
Gemspec/RequireMFA:
|
74
67
|
Enabled: false
|
75
|
-
|
76
|
-
Layout/HashAlignment:
|
77
|
-
Enabled: true
|
78
|
-
EnforcedLastArgumentHashStyle: always_ignore
|
79
|
-
|
80
|
-
Style/TrivialAccessors:
|
81
|
-
AllowPredicates: true
|
data/.sourcelevel.yml
CHANGED
@@ -1,4 +1,3 @@
|
|
1
|
-
styleguide: excpt/linters
|
2
1
|
engines:
|
3
2
|
reek:
|
4
3
|
enabled: true
|
@@ -6,13 +5,13 @@ engines:
|
|
6
5
|
enabled: true
|
7
6
|
rubocop:
|
8
7
|
enabled: true
|
9
|
-
channel:
|
8
|
+
channel: latest
|
10
9
|
duplication:
|
11
10
|
config:
|
12
11
|
languages:
|
13
12
|
- ruby
|
14
13
|
enabled: true
|
15
14
|
remark-lint:
|
16
|
-
enabled:
|
15
|
+
enabled: false
|
17
16
|
exclude_paths:
|
18
|
-
- spec
|
17
|
+
- spec
|
data/CHANGELOG.md
CHANGED
@@ -1,51 +1,31 @@
|
|
1
1
|
# Changelog
|
2
|
+
## [v2.4.1](https://github.com/jwt/ruby-jwt/tree/v2.4.1) (2022-06-07)
|
2
3
|
|
3
|
-
|
4
|
-
|
5
|
-
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
|
4
|
+
**Fixes and enhancements:**
|
5
|
+
- Raise JWT::DecodeError on invalid signature [\#484](https://github.com/jwt/ruby-jwt/pull/484) ([@freakyfelt!](https://github.com/freakyfelt!)).
|
6
6
|
|
7
|
-
|
8
|
-
|
9
|
-
- Ensure presence of claims [\#244](https://github.com/jwt/ruby-jwt/issues/244)
|
10
|
-
- Support verifying signature signed using x5c header [\#59](https://github.com/jwt/ruby-jwt/issues/59)
|
11
|
-
- Add x5c header key finder [\#338](https://github.com/jwt/ruby-jwt/pull/338) ([bdewater](https://github.com/bdewater))
|
12
|
-
|
13
|
-
**Security fixes:**
|
7
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.4.0...v2.4.1)
|
14
8
|
|
15
|
-
|
16
|
-
|
17
|
-
**Closed issues:**
|
18
|
-
|
19
|
-
- Is there a way to decode a ES256 encoded JWT with a root certificate but without a public key or a private key? [\#471](https://github.com/jwt/ruby-jwt/issues/471)
|
20
|
-
- Encode output with extra quote [\#469](https://github.com/jwt/ruby-jwt/issues/469)
|
21
|
-
- Please release new gem version [\#444](https://github.com/jwt/ruby-jwt/issues/444)
|
22
|
-
- HS512 signature verification fails for valid tokens [\#438](https://github.com/jwt/ruby-jwt/issues/438)
|
23
|
-
- ArgumentError: invalid base64 while calling JWT::JWK.import\(hash\) [\#361](https://github.com/jwt/ruby-jwt/issues/361)
|
24
|
-
- NoMethodError (undefined method `encode' for JsonWebToken:Module\) [\#329](https://github.com/jwt/ruby-jwt/issues/329)
|
9
|
+
## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-06-06)
|
25
10
|
|
26
|
-
|
11
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
|
27
12
|
|
28
|
-
|
29
|
-
|
30
|
-
-
|
31
|
-
-
|
32
|
-
-
|
33
|
-
-
|
34
|
-
-
|
35
|
-
-
|
36
|
-
-
|
37
|
-
|
38
|
-
|
39
|
-
-
|
40
|
-
-
|
41
|
-
-
|
42
|
-
-
|
43
|
-
-
|
44
|
-
- Fix for exception after mergeing \#385 [\#450](https://github.com/jwt/ruby-jwt/pull/450) ([anakinj](https://github.com/anakinj))
|
45
|
-
- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5))
|
46
|
-
- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten))
|
47
|
-
- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh))
|
48
|
-
- Define the secp256r1 curve [\#385](https://github.com/jwt/ruby-jwt/pull/385) ([anakinj](https://github.com/anakinj))
|
13
|
+
**Features:**
|
14
|
+
|
15
|
+
- Dropped support for Ruby 2.5 and older [#453](https://github.com/jwt/ruby-jwt/pull/453) - [@anakinj](https://github.com/anakinj).
|
16
|
+
- Use Ruby built-in url-safe base64 methods [#454](https://github.com/jwt/ruby-jwt/pull/454) - [@bdewater](https://github.com/bdewater).
|
17
|
+
- Updated rubocop to 1.23.0 [#457](https://github.com/jwt/ruby-jwt/pull/457) - [@anakinj](https://github.com/anakinj).
|
18
|
+
- Add x5c header key finder [#338](https://github.com/jwt/ruby-jwt/pull/338) - [@bdewater](https://github.com/bdewater).
|
19
|
+
- Author driven changelog process [#463](https://github.com/jwt/ruby-jwt/pull/463) - [@anakinj](https://github.com/anakinj).
|
20
|
+
- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten)).
|
21
|
+
- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh)).
|
22
|
+
|
23
|
+
**Fixes and enhancements:**
|
24
|
+
- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant)).
|
25
|
+
- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099)).
|
26
|
+
- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu)).
|
27
|
+
- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich)).
|
28
|
+
- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5)).
|
49
29
|
|
50
30
|
## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03)
|
51
31
|
|
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,99 @@
|
|
1
|
+
# Contributing to [ruby-jwt](https://github.com/jwt/ruby-jwt)
|
2
|
+
|
3
|
+
## Forking the project
|
4
|
+
|
5
|
+
Fork the project on GitHub and clone your own fork. Instuctions on forking can be found from the [GitHub Docs](https://docs.github.com/en/get-started/quickstart/fork-a-repo)
|
6
|
+
|
7
|
+
```
|
8
|
+
git clone git@github.com:you/ruby-jwt.git
|
9
|
+
cd ruby-jwt
|
10
|
+
git remote add upstream https://github.com/jwt/ruby-jwt
|
11
|
+
```
|
12
|
+
|
13
|
+
## Create a branch for your implementation
|
14
|
+
|
15
|
+
Make sure you have the latest upstream master branch of the project.
|
16
|
+
|
17
|
+
```
|
18
|
+
git fetch --all
|
19
|
+
git checkout master
|
20
|
+
git rebase upstream/master
|
21
|
+
git push origin master
|
22
|
+
git checkout -b fix-a-little-problem
|
23
|
+
```
|
24
|
+
|
25
|
+
## Running the tests and linter
|
26
|
+
|
27
|
+
Before you start with your implementation make sure you are able to get a succesful test run with the current revision.
|
28
|
+
|
29
|
+
The tests are written with rspec and [Appraisal](https://github.com/thoughtbot/appraisal) is used to ensure compatibility with 3rd party dependencies providing cryptographic features.
|
30
|
+
|
31
|
+
[Rubocop](https://github.com/rubocop/rubocop) is used to enforce the Ruby style.
|
32
|
+
|
33
|
+
To run the complete set of tests and linter run the following
|
34
|
+
|
35
|
+
```bash
|
36
|
+
bundle install
|
37
|
+
bundle exec appraisal rake test
|
38
|
+
bundle exec rubocop
|
39
|
+
```
|
40
|
+
|
41
|
+
## Implement your feature
|
42
|
+
|
43
|
+
Implement tests and your change. Don't be shy adding a little something in the [README](README.md).
|
44
|
+
Add a short description of the change in either the `Features` or `Fixes` section in the [CHANGELOG](CHANGELOG.md) file.
|
45
|
+
|
46
|
+
The form of the row (You need to return to the row when you know the pull request id)
|
47
|
+
```
|
48
|
+
- Fix a little problem [#123](https://github.com/jwt/ruby-jwt/pull/123) - [@you](https://github.com/you).
|
49
|
+
```
|
50
|
+
|
51
|
+
## Push your branch and create a pull request
|
52
|
+
|
53
|
+
Before pushing make sure the tests pass and RuboCop is happy.
|
54
|
+
|
55
|
+
```
|
56
|
+
bundle exec appraisal rake test
|
57
|
+
bundle exec rubocop
|
58
|
+
git push origin fix-a-little-problem
|
59
|
+
```
|
60
|
+
|
61
|
+
Make a new pull request on the [ruby-jwt project](https://github.com/jwt/ruby-jwt/pulls) with a description what the change is about.
|
62
|
+
|
63
|
+
## Update the CHANGELOG, again
|
64
|
+
|
65
|
+
Update the [CHANGELOG](CHANGELOG.md) with the pull request id from the previous step.
|
66
|
+
|
67
|
+
You can ammend the previous commit with the updated changelog change and force push your branch. The PR will get automatically updated.
|
68
|
+
|
69
|
+
```
|
70
|
+
git add CHANGELOG.md
|
71
|
+
git commit --amend --no-edit
|
72
|
+
git push origin fix-a-little-problem -f
|
73
|
+
```
|
74
|
+
|
75
|
+
## Keep an eye on your pull request
|
76
|
+
|
77
|
+
A maintainer will review and probably merge you changes when time allows, be patient.
|
78
|
+
|
79
|
+
## Keeping your branch up-to-date
|
80
|
+
|
81
|
+
It's recommended that you keep your branch up-to-date by rebasing to the upstream master.
|
82
|
+
|
83
|
+
```
|
84
|
+
git fetch upstream
|
85
|
+
git checkout fix-a-little-problem
|
86
|
+
git rebase upstream/master
|
87
|
+
git push origin fix-a-little-problem -f
|
88
|
+
```
|
89
|
+
|
90
|
+
# Releasing a new version
|
91
|
+
|
92
|
+
The version is using the [Semantic Versioning](http://semver.org/) and the version is located in the [version.rb](lib/jwt/version.rb) file.
|
93
|
+
Also update the [CHANGELOG](CHANGELOG.md) to reflect the upcoming version release.
|
94
|
+
|
95
|
+
```bash
|
96
|
+
rake release
|
97
|
+
```
|
98
|
+
|
99
|
+
**If you want a release cut with your PR, please include a version bump according to **
|
data/README.md
CHANGED
@@ -12,10 +12,12 @@ A ruby implementation of the [RFC 7519 OAuth JSON Web Token (JWT)](https://tools
|
|
12
12
|
If you have further questions related to development or usage, join us: [ruby-jwt google group](https://groups.google.com/forum/#!forum/ruby-jwt).
|
13
13
|
|
14
14
|
## Announcements
|
15
|
-
|
15
|
+
* Ruby 2.4 support is going to be dropped in version 2.4.0
|
16
16
|
* Ruby 1.9.3 support was dropped at December 31st, 2016.
|
17
17
|
* Version 1.5.3 yanked. See: [#132](https://github.com/jwt/ruby-jwt/issues/132) and [#133](https://github.com/jwt/ruby-jwt/issues/133)
|
18
18
|
|
19
|
+
See [CHANGELOG.md](CHANGELOG.md) for a complete set of changes.
|
20
|
+
|
19
21
|
## Sponsors
|
20
22
|
|
21
23
|
|Logo|Message|
|
@@ -130,6 +132,7 @@ puts decoded_token
|
|
130
132
|
* ES256 - ECDSA using P-256 and SHA-256
|
131
133
|
* ES384 - ECDSA using P-384 and SHA-384
|
132
134
|
* ES512 - ECDSA using P-521 and SHA-512
|
135
|
+
* ES256K - ECDSA using P-256K and SHA-256
|
133
136
|
|
134
137
|
```ruby
|
135
138
|
ecdsa_key = OpenSSL::PKey::EC.new 'prime256v1'
|
@@ -575,7 +578,7 @@ JWT.decode(token, nil, true, { algorithms: ['RS512'], jwks: jwks})
|
|
575
578
|
|
576
579
|
### Importing and exporting JSON Web Keys
|
577
580
|
|
578
|
-
The ::JWT::JWK class can be used to import and export both the public key (default behaviour) and the private key. To include the private key in the export pass the
|
581
|
+
The ::JWT::JWK class can be used to import and export both the public key (default behaviour) and the private key. To include the private key in the export pass the `include_private` parameter to the export method.
|
579
582
|
|
580
583
|
```ruby
|
581
584
|
jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048))
|
@@ -584,27 +587,14 @@ jwk_hash = jwk.export
|
|
584
587
|
jwk_hash_with_private_key = jwk.export(include_private: true)
|
585
588
|
```
|
586
589
|
|
587
|
-
|
588
|
-
|
589
|
-
We depend on [Bundler](http://rubygems.org/gems/bundler) for defining gemspec and performing releases to rubygems.org, which can be done with
|
590
|
-
|
591
|
-
```bash
|
592
|
-
rake release
|
593
|
-
```
|
594
|
-
|
595
|
-
The tests are written with rspec. [Appraisal](https://github.com/thoughtbot/appraisal) is used to ensure compatibility with 3rd party dependencies providing cryptographic features.
|
596
|
-
|
597
|
-
```bash
|
598
|
-
bundle install
|
599
|
-
bundle exec appraisal rake test
|
600
|
-
```
|
590
|
+
## How to contribute
|
601
591
|
|
602
|
-
|
592
|
+
See [CONTRIBUTING](CONTRIBUTING.md).
|
603
593
|
|
604
594
|
## Contributors
|
605
595
|
|
606
|
-
See
|
596
|
+
See [AUTHORS](AUTHORS).
|
607
597
|
|
608
598
|
## License
|
609
599
|
|
610
|
-
See
|
600
|
+
See [LICENSE](LICENSE).
|
data/lib/jwt/algos/ecdsa.rb
CHANGED
@@ -6,13 +6,29 @@ module JWT
|
|
6
6
|
module_function
|
7
7
|
|
8
8
|
NAMED_CURVES = {
|
9
|
-
'prime256v1' =>
|
10
|
-
|
11
|
-
|
12
|
-
|
9
|
+
'prime256v1' => {
|
10
|
+
algorithm: 'ES256',
|
11
|
+
digest: 'sha256'
|
12
|
+
},
|
13
|
+
'secp256r1' => { # alias for prime256v1
|
14
|
+
algorithm: 'ES256',
|
15
|
+
digest: 'sha256'
|
16
|
+
},
|
17
|
+
'secp384r1' => {
|
18
|
+
algorithm: 'ES384',
|
19
|
+
digest: 'sha384'
|
20
|
+
},
|
21
|
+
'secp521r1' => {
|
22
|
+
algorithm: 'ES512',
|
23
|
+
digest: 'sha512'
|
24
|
+
},
|
25
|
+
'secp256k1' => {
|
26
|
+
algorithm: 'ES256K',
|
27
|
+
digest: 'sha256'
|
28
|
+
}
|
13
29
|
}.freeze
|
14
30
|
|
15
|
-
SUPPORTED = NAMED_CURVES.
|
31
|
+
SUPPORTED = NAMED_CURVES.map { |_, c| c[:algorithm] }.uniq.freeze
|
16
32
|
|
17
33
|
def sign(to_sign)
|
18
34
|
algorithm, msg, key = to_sign.values
|
@@ -39,14 +55,9 @@ module JWT
|
|
39
55
|
end
|
40
56
|
|
41
57
|
def curve_by_name(name)
|
42
|
-
|
58
|
+
NAMED_CURVES.fetch(name) do
|
43
59
|
raise UnsupportedEcdsaCurve, "The ECDSA curve '#{name}' is not supported"
|
44
60
|
end
|
45
|
-
|
46
|
-
{
|
47
|
-
algorithm: algorithm,
|
48
|
-
digest: algorithm.sub('ES', 'sha')
|
49
|
-
}
|
50
61
|
end
|
51
62
|
end
|
52
63
|
end
|
data/lib/jwt/decode.rb
CHANGED
data/lib/jwt/jwk/ec.rb
CHANGED
@@ -59,6 +59,9 @@ module JWT
|
|
59
59
|
when 'prime256v1'
|
60
60
|
crv = 'P-256'
|
61
61
|
x_octets, y_octets = encoded_point.unpack('xa32a32')
|
62
|
+
when 'secp256k1'
|
63
|
+
crv = 'P-256K'
|
64
|
+
x_octets, y_octets = encoded_point.unpack('xa32a32')
|
62
65
|
when 'secp384r1'
|
63
66
|
crv = 'P-384'
|
64
67
|
x_octets, y_octets = encoded_point.unpack('xa48a48')
|
@@ -98,6 +101,7 @@ module JWT
|
|
98
101
|
when 'P-256' then 'prime256v1'
|
99
102
|
when 'P-384' then 'secp384r1'
|
100
103
|
when 'P-521' then 'secp521r1'
|
104
|
+
when 'P-256K' then 'secp256k1'
|
101
105
|
else raise JWT::JWKError, 'Invalid curve provided'
|
102
106
|
end
|
103
107
|
end
|
data/lib/jwt/jwk/hmac.rb
CHANGED
data/lib/jwt/jwk/rsa.rb
CHANGED
data/lib/jwt/version.rb
CHANGED
data/lib/jwt.rb
CHANGED
@@ -24,7 +24,7 @@ module JWT
|
|
24
24
|
headers: header_fields).segments
|
25
25
|
end
|
26
26
|
|
27
|
-
def decode(jwt, key = nil, verify = true, options = {}, &keyfinder)
|
27
|
+
def decode(jwt, key = nil, verify = true, options = {}, &keyfinder) # rubocop:disable Style/OptionalBooleanParameter
|
28
28
|
Decode.new(jwt, key, verify, DEFAULT_OPTIONS.merge(options), &keyfinder).decode_segments
|
29
29
|
end
|
30
30
|
end
|
data/ruby-jwt.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.required_ruby_version = '>= 2.5'
|
19
19
|
spec.metadata = {
|
20
20
|
'bug_tracker_uri' => 'https://github.com/jwt/ruby-jwt/issues',
|
21
|
-
'changelog_uri'
|
21
|
+
'changelog_uri' => "https://github.com/jwt/ruby-jwt/blob/v#{JWT.gem_version}/CHANGELOG.md"
|
22
22
|
}
|
23
23
|
|
24
24
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec|gemfiles|coverage|bin)/}) }
|
@@ -29,6 +29,7 @@ Gem::Specification.new do |spec|
|
|
29
29
|
spec.add_development_dependency 'appraisal'
|
30
30
|
spec.add_development_dependency 'bundler'
|
31
31
|
spec.add_development_dependency 'rake'
|
32
|
+
spec.add_development_dependency 'reek'
|
32
33
|
spec.add_development_dependency 'rspec'
|
33
34
|
spec.add_development_dependency 'simplecov'
|
34
35
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.4.
|
4
|
+
version: 2.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tim Rudat
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-06-
|
11
|
+
date: 2022-06-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: appraisal
|
@@ -52,6 +52,20 @@ dependencies:
|
|
52
52
|
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: reek
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
55
69
|
- !ruby/object:Gem::Dependency
|
56
70
|
name: rspec
|
57
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -91,14 +105,15 @@ files:
|
|
91
105
|
- ".github/workflows/coverage.yml"
|
92
106
|
- ".github/workflows/test.yml"
|
93
107
|
- ".gitignore"
|
108
|
+
- ".reek.yml"
|
94
109
|
- ".rspec"
|
95
110
|
- ".rubocop.yml"
|
96
|
-
- ".rubocop_todo.yml"
|
97
111
|
- ".sourcelevel.yml"
|
98
112
|
- AUTHORS
|
99
113
|
- Appraisals
|
100
114
|
- CHANGELOG.md
|
101
115
|
- CODE_OF_CONDUCT.md
|
116
|
+
- CONTRIBUTING.md
|
102
117
|
- Gemfile
|
103
118
|
- LICENSE
|
104
119
|
- README.md
|
@@ -135,7 +150,7 @@ licenses:
|
|
135
150
|
- MIT
|
136
151
|
metadata:
|
137
152
|
bug_tracker_uri: https://github.com/jwt/ruby-jwt/issues
|
138
|
-
changelog_uri: https://github.com/jwt/ruby-jwt/blob/v2.4.
|
153
|
+
changelog_uri: https://github.com/jwt/ruby-jwt/blob/v2.4.1/CHANGELOG.md
|
139
154
|
post_install_message:
|
140
155
|
rdoc_options: []
|
141
156
|
require_paths:
|
data/.rubocop_todo.yml
DELETED
@@ -1,22 +0,0 @@
|
|
1
|
-
# This configuration was generated by
|
2
|
-
# `rubocop --auto-gen-config --exclude-limit 1000000`
|
3
|
-
# on 2021-12-27 06:53:55 UTC using RuboCop version 1.23.0.
|
4
|
-
# The point is for the user to remove these configuration records
|
5
|
-
# one by one as the offenses are removed from the code base.
|
6
|
-
# Note that changes in the inspected code, or installation of new
|
7
|
-
# versions of RuboCop, may require this file to be generated again.
|
8
|
-
|
9
|
-
# Offense count: 1
|
10
|
-
# Cop supports --auto-correct.
|
11
|
-
# Configuration parameters: Include.
|
12
|
-
# Include: **/*.gemspec
|
13
|
-
Gemspec/RequireMFA:
|
14
|
-
Exclude:
|
15
|
-
- 'ruby-jwt.gemspec'
|
16
|
-
|
17
|
-
# Offense count: 1
|
18
|
-
# Configuration parameters: AllowedMethods.
|
19
|
-
# AllowedMethods: respond_to_missing?
|
20
|
-
Style/OptionalBooleanParameter:
|
21
|
-
Exclude:
|
22
|
-
- 'lib/jwt.rb'
|