jwt_signed_request 1.0.1 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -2
- data/lib/jwt_signed_request.rb +9 -1
- data/lib/jwt_signed_request/middlewares/rack.rb +1 -1
- data/lib/jwt_signed_request/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 427fe8633c579541cd1e42bdf573b3e3d4017ad0
|
4
|
+
data.tar.gz: 393611e2bd664892a8485c9a012ed6640b4c2f04
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '0081e1187e16f6e38a8ef7dbe0acd95388c4111f0097acea9319b9b271e88d6ddcc882513b9945eb469d0ce3d5644829d12cbd7f49181fc67d5de1d6e5551c98'
|
7
|
+
data.tar.gz: c5020b652569207bfe5bd9f8c40cc28f04f646003c8bd57f5133202f17d99d9ac6fe7895da978c3ef3a774e48473d772aaa77d043184f795e8d130700e8c3269
|
data/README.md
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
# JWT Signed Request
|
2
|
+
[](https://travis-ci.org/envato/jwt_signed_request)
|
2
3
|
|
3
4
|
Request signing and verification for Internal APIs using JWT.
|
4
5
|
|
@@ -85,7 +86,7 @@ AwEHoUQDQgAEuOC3ufTTnW0hVmCPNERb4LxaDE/OexDdlmXEjHYaixzYIduluGXd
|
|
85
86
|
conn = Faraday.new(url: URI.parse('http://example.com')) do |faraday|
|
86
87
|
faraday.use JWTSignedRequest::Middlewares::Faraday,
|
87
88
|
secret_key: OpenSSL::PKey::EC.new(private_key),
|
88
|
-
algorithm: '
|
89
|
+
algorithm: 'ES256', # optional (default: ES256)
|
89
90
|
key_id: 'my-key-id', # optional
|
90
91
|
issuer: 'my-issuer', # optional
|
91
92
|
additional_headers_to_sign: ['X-AUTH'] # optional
|
@@ -169,7 +170,7 @@ We welcome contribution from everyone. Read more about it in
|
|
169
170
|
|
170
171
|
For bug fixes, documentation changes, and small features:
|
171
172
|
|
172
|
-
1. Fork it ( https://github.com/
|
173
|
+
1. Fork it ( https://github.com/envato/jwt_signed_request/fork )
|
173
174
|
2. Create your feature branch (git checkout -b my-new-feature)
|
174
175
|
3. Commit your changes (git commit -am 'Add some feature')
|
175
176
|
4. Push to the branch (git push origin my-new-feature)
|
data/lib/jwt_signed_request.rb
CHANGED
@@ -50,12 +50,20 @@ module JWTSignedRequest
|
|
50
50
|
def self.verified_request?(request:, claims:)
|
51
51
|
claims['method'].downcase == request.request_method.downcase &&
|
52
52
|
claims['path'] == request.fullpath &&
|
53
|
-
claims['body_sha'] == Digest::SHA256.hexdigest(request
|
53
|
+
claims['body_sha'] == Digest::SHA256.hexdigest(request_body(request: request)) &&
|
54
54
|
verified_headers?(request: request, claims: claims)
|
55
55
|
end
|
56
56
|
|
57
57
|
private_class_method :verified_request?
|
58
58
|
|
59
|
+
def self.request_body(request:)
|
60
|
+
string = request.body.read
|
61
|
+
request.body.rewind
|
62
|
+
string
|
63
|
+
end
|
64
|
+
|
65
|
+
private_class_method :request_body
|
66
|
+
|
59
67
|
def self.verified_headers?(request:, claims:)
|
60
68
|
parsed_headers = JSON.parse(claims['headers'])
|
61
69
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt_signed_request
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Toan Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2017-01-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -141,9 +141,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
141
141
|
version: '0'
|
142
142
|
requirements: []
|
143
143
|
rubyforge_project:
|
144
|
-
rubygems_version: 2.
|
144
|
+
rubygems_version: 2.5.2
|
145
145
|
signing_key:
|
146
146
|
specification_version: 4
|
147
147
|
summary: JWT request signing and verification for Internal APIs
|
148
148
|
test_files: []
|
149
|
-
has_rdoc:
|