RubyGems - keypairs - Versions diffs - 1.3.0 → 1.3.2 - Mend

keypairs 1.3.0 → 1.3.2

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 43873dcca40b21ab51a7d56d5bd8de510b9ec4667515c90557ded59e3e258101
-  data.tar.gz: 1e1233998e0eb742cfcb32008481acf71e57271d9a984ab55bc2754c26bce63b
+  metadata.gz: 3825e9ab54265b0413ed34458988e36a473284609021a930caee44aae4ff2902
+  data.tar.gz: dcd24440ff3a15560aa39d6c2da387944f147e89ecdad9e03a54e7de9faa69e2
 SHA512:
-  metadata.gz: 2ca6e2c54d251dfb9e2d7b98b082ca2e238140c095a1c5350d93e2c4011171c7665a70b0f3ae26625c56015f960ecdd0088ac9067587b223278a88cc55c49ceb
-  data.tar.gz: 9783aa2f524959a0da4ebaf134d700749fe3fef382a89c3ea0bf6fe1fa4e453c1932f1fe170e35bc5b8469218d4c7a378f80928b38431c04011a596dab9d5393
+  metadata.gz: d5b96c7cb4e2a6153b124be6dae5a62c37e43d5eebd9ade45b44fa1efe5f3baca918a654f0991cff393036b18209429da38c0325d3a69e930e0e719ee0651467
+  data.tar.gz: 5b5860d35ce4ccc9c4f6fbb1239163d667758f6401f760387e125e89190f24de3ef2e7e79af3cc6d0142021cd7fbb6dc695bb34ac551fbbf148ff35bfc48cf0d

data/lib/keypair.rb CHANGED Viewed

@@ -114,6 +114,14 @@ class Keypair < ActiveRecord::Base
     current.jwt_encode(payload)
   end
+  # Encodes the payload with the current keypair.
+  # It forewards the call to the instance method {Keypair#jwt_encode}.
+  # @return [String] Encoded JWT token with security credentials.
+  # @param payload [Hash] Hash which should be encoded.
+  def self.jwt_encode_without_nonce(payload)
+    current.jwt_encode_without_nonce(payload, {}, nonce: false)
+  end
   # Decodes the payload and verifies the signature against the current valid keypairs.
   # @param id_token [String] A JWT that should be decoded.
   # @param options [Hash] options for decoding, passed to {JWT::Decode}.
@@ -137,20 +145,9 @@ class Keypair < ActiveRecord::Base
   # It automatically sets the +kid+ in the header.
   # @param payload [Hash] you have to provide a hash since the security attributes have to be added.
   # @param headers [Hash] you can optionally add additional headers to the JWT.
-  def jwt_encode(payload, headers = {})
+  def jwt_encode(payload, headers = {}, nonce: true)
     # Add security claims to payload
-    payload.reverse_merge!(
-      # Time at which the Issuer generated the JWT (epoch).
-      iat: Time.now.to_i,
-      # Expiration time on or after which the tool MUST NOT accept the ID Token for
-      # processing (epoch). This is mostly used to allow some clock skew.
-      exp: Time.now.to_i + 5.minutes.to_i,
-      # String value used to associate a tool session with an ID Token, and to mitigate replay
-      # attacks. The nonce value is a case-sensitive string.
-      nonce: SecureRandom.uuid
-    )
+    payload = secure_payload(payload, nonce: nonce)
     # Add additional info into the headers
     headers.reverse_merge!(
@@ -229,4 +226,23 @@ class Keypair < ActiveRecord::Base
     errors.add(:expires_at, 'must be after not after')
   end
+  def secure_payload(payload, nonce: true)
+    secure_payload = {
+      # Time at which the Issuer generated the JWT (epoch).
+      iat: Time.now.to_i,
+      # Expiration time on or after which the tool MUST NOT accept the ID Token for
+      # processing (epoch). This is mostly used to allow some clock skew.
+      exp: Time.now.to_i + 5.minutes.to_i
+    }
+    if nonce
+      # String value used to associate a tool session with an ID Token, and to mitigate replay
+      # attacks. The nonce value is a case-sensitive string.
+      secure_payload[:nonce] = SecureRandom.uuid
+    end
+    payload.reverse_merge!(secure_payload)
+  end
 end

data/lib/keypairs/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Keypairs
-  VERSION = '1.3.0'
+  VERSION = '1.3.2'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keypairs
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.3.2
 platform: ruby
 authors:
 - Stef Schenkelaars
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-04 00:00:00.000000000 Z
+date: 2023-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -17,6 +17,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -24,6 +27,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -31,6 +37,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -38,6 +47,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement