RubyGems - keratin-authn - Versions diffs - 0.2.0 → 0.3.0 - Mend

keratin-authn 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/keratin-authn.gemspec +1 -0
data/lib/keratin/authn/id_token_verifier.rb +1 -1
data/lib/keratin/authn/issuer.rb +2 -2
data/lib/keratin/authn/test/helpers.rb +1 -1
data/lib/keratin/authn/version.rb +1 -1
metadata +16 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5bc3dc3a5993e496aa7d4a27460d799b4e3ea600
-  data.tar.gz: 30266ffdffaa188785ce930f0f470a5cde684746
+  metadata.gz: 2f45b125d67113d0774cbad89d9267547e3b7e31
+  data.tar.gz: de9f914409394e534f6fe8d9240fe0f4edb0c441
 SHA512:
-  metadata.gz: 77ac60816689bd685f7ba0e6de2122bcd6e372bccee8b6bb1e1ef6bf660278fd3617ca7e5fe57debbe792db44baa030fc55d721681b535bb2e0de6ad435604ad
-  data.tar.gz: 0814a5099a9b4d7c246c9a9b3dabe05e8d234c6fc86f6022cfd3ba54a3f76df521dad46a1130ef4e422a1e1125c523543d2d22efca6d6067dba15f39589db889
+  metadata.gz: 164fd93bf93e7ccad0f9d005ea81fcc09e78bdb79bccb8a8b55f4776101631bdbc14d0b2a0d4f9347c0f0e322a1e45fad3c88d3f243b2bb9c561995380b17859
+  data.tar.gz: a45bbfebe1d9bad1c0a5538cc8d679e5a7ee4ec3be78897a2c740c070bfae0ff89efdf8e1518d7b5c786d4940db6589aff7604f1b416474d068922616fbc43e3

data/keratin-authn.gemspec CHANGED

@@ -37,4 +37,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "minitest", "~> 5.0"
   spec.add_development_dependency "timecop"
+  spec.add_development_dependency "byebug"
 end

data/lib/keratin/authn/id_token_verifier.rb CHANGED

@@ -35,7 +35,7 @@ module Keratin::AuthN
     end
     def token_intact?
-      jwt.verify!(@keychain.getset(jwt['iss']){ Issuer.new(jwt['iss']).signing_key })
+      jwt.verify!(@keychain.getset(jwt.kid){ Issuer.new(jwt['iss']).signing_key(jwt.kid) })
     rescue JSON::JWT::VerificationFailed, JSON::JWT::UnexpectedAlgorithm
       false
     end

data/lib/keratin/authn/issuer.rb CHANGED

@@ -15,8 +15,8 @@ module Keratin::AuthN
       delete(path: "/accounts/:account_id").result
     end
-    def signing_key
-      keys.find{|k| k['use'] == 'sig' }
+    def signing_key(kid)
+      keys.find{|k| k['use'] == 'sig' && (kid.blank? || kid == k['kid']) }
     end
     def configuration

data/lib/keratin/authn/test/helpers.rb CHANGED

@@ -13,7 +13,7 @@ module Keratin::AuthN
           sub: subject,
           iat: 10.seconds.ago,
           exp: 1.hour.from_now
-        ).sign(jws_keypair, JWS_ALGORITHM).to_s
+        ).sign(jws_keypair.to_jwk, JWS_ALGORITHM).to_s
       end
       # a temporary RSA key for our test suite.

data/lib/keratin/authn/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Keratin
   module AuthN
-    VERSION = "0.2.0"
+    VERSION = "0.3.0"
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keratin-authn
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Lance Ivy
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-12-10 00:00:00.000000000 Z
+date: 2017-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json-jwt
@@ -108,6 +108,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description:
 email:
 - lance@cainlevy.net