padlock_auth-jwt 0.1.0 → 0.2.1

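--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 76622de62cd8065e302932783de9a3c02bff49880ec8f376fcdeed84cce97223
- data.tar.gz: 460cb25344c8150779ad54a189a8d9ec371c63ae7bd1adf4b3b9af3183deca62
+ metadata.gz: 7107cd7b8a99f461e2fdf0abbd526c2d1bced943a2542ee07c141ef600c4b233
+ data.tar.gz: c278724c8e66fb4b14a6f1f8f72eec4505630605d044d44200d41f706ebf07d6
  SHA512:
- metadata.gz: 39e6d74dbedae4ca68c3cef9a19bc3bcc8a4d2307877f2b557c616fd56ea4815e0e176726bb1a539141a2eb66b6c0bc503dce1160d290f4802f7cb2a4f928e2d
- data.tar.gz: 4f3e41598b073669229e2de1da5543801e7b1182976dbdb67e84260af17215bb1245160da24a580bdd31454060d671f5a61b0510908983c31246c9eb3ec6ab0a
+ metadata.gz: 7beca857afbe76c930455a880f481bffd179de924a178c5b1d6cb5f410393999818d9eacd67b5c83d36deb246d723e75a8117ce517c42111c8e42b825e863dc1
+ data.tar.gz: c5daa9a7f997452b38a2c4f6dbbd4f0107a21845a8f83b6a4f3a10d22eadd72d48f4fc674d3b0ca932d38da4e648df0edc7dfe8ac645229c671f36a6eae32471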
@@ -12,8 +12,6 @@ module PadlockAuth
12
12
  def accessible?
13
13
  return false unless valid_jwt_token?
14
14
 
15
- return false unless valid_signature?
16
-
17
15
  return false unless includes_required_claims?
18
16
 
19
17
  # "exp" (Expiration Time) Claim
@@ -35,8 +33,7 @@ module PadlockAuth
35
33
  end
36
34
 
37
35
  def invalid_token_reason
38
- return :invalid_jwt_token unless valid_jwt_token?
39
- return :invalid_signature unless valid_signature?
36
+ return valid_header? ? :invalid_signature : :invalid_jwt_token unless valid_jwt_token?
40
37
 
41
38
  return :missing_exp_claim unless includes_required_exp_claim?
42
39
  return :invalid_exp_claim unless valid_exp_claim?
@@ -83,19 +80,25 @@ module PadlockAuth
83
80
 
84
81
  private
85
82
 
83
+ def valid_jwt_token?
84
+ valid_signature? && valid_header?
85
+ end
86
+
86
87
  # https://datatracker.ietf.org/doc/html/rfc9068#JWTATLValidate
87
88
  # The resource server MUST verify that the "typ" header value is "at+jwt" or "application/at+jwt" and reject tokens carrying any other value.
88
- def valid_jwt_token?
89
- return @valid_jwt_token if instance_variable_defined?(:@valid_jwt_token)
90
- @valid_jwt_token = @encoded_token.header.present? &&
89
+ def valid_header?
90
+ return @valid_header if instance_variable_defined?(:@valid_header)
91
+ @valid_header = @encoded_token.header.present? &&
91
92
  @strategy.header_types.include?(@encoded_token.header["typ"])
92
93
  rescue JWT::DecodeError
93
- @valid_jwt_token = false
94
+ @valid_header = false
94
95
  end
95
96
 
96
97
  def valid_signature?
97
98
  return @valid_signature if instance_variable_defined?(:@valid_signature)
98
99
  @valid_signature = @encoded_token.valid_signature?(algorithm: @strategy.algorithm, key: @strategy.secret_key)
100
+ rescue JWT::DecodeError
101
+ @valid_signature = false
99
102
  end
100
103
 
101
104
  def includes_required_claims?
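Review bot: In `invalid_token_reason` the new guard packs a ternary and a trailing `unless` into one line, and to pick the reason it calls `valid_header?` on a token that has just failed `valid_jwt_token?`, so the `typ` it inspects may come from a token whose signature did not verify. The result is the same as two ordered guards, which are easier to audit in an authentication path: `return :invalid_jwt_token unless valid_header?` followed by `return :invalid_signature unless valid_signature?`. A short comment on `valid_jwt_token?` such as `# Signature is checked first; header values are only trusted once it verifies.` would record why the `&&` order matters. If the reason symbol is returned to clients, it presumably lets a caller tell a bad signature from a bad `typ`, so it may be worth keeping that detail in logs only. `invalid_token_reason` continues past the end of its hunk.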
@@ -1,5 +1,5 @@
1
1
  module PadlockAuth
2
2
  module Jwt
3
- VERSION = "0.1.0"
3
+ VERSION = "0.2.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: padlock_auth-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ben Morrall
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-12-09 00:00:00.000000000 Z
11
+ date: 2025-01-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: padlock_auth