ruby_jwt 1.0.4 → 1.0.5

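--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 5caedc6675f7dbeb6483296aff49b9e0e912f4c1
- data.tar.gz: a91ec6b3947c16f31e2cb9c8992f69c5a4731b47
+ metadata.gz: b88afcd3172aa7eda1be4a86e2b524e8a4f34748
+ data.tar.gz: 77b511898b500b59dd0e36a5abde641784093018
  SHA512:
- metadata.gz: 2010772f1e506f3b07959816763381e06aa61b195acc79076d27e727fd824f100cde4dd865e1b0d66dc72239baa33cb7c87a1dca53efa869759c88dea3811616
- data.tar.gz: 3a3250817f092d105836bb80c3533961715ed7782662cf75bfca5ea5c672a475199bef8b2d2cfe579c14db2b7f0233693d3864347bc490172830a409981a2868
+ metadata.gz: 96b91b546ccea3307c61920f42d865e8fd015e8095d51345a1b9b3aad75fff14289cd554d933ce72ebb7d7aa22a93c0a3c5aa110a9c15545b98c2053c2112679
+ data.tar.gz: eb1cfe0f74de8f989e4c4b9fa2c8be4656a30d6544ec11972b3c3dcc6bd0e1466849128dab53a0633bdbe6f77e2c22fc5abe73d88696ec1d40ca7364cb479f16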
@@ -1,4 +1,4 @@
1
1
  module RubyJwt
2
- VERSION = "1.0.4
2
+ VERSION = "1.0.5
3
3
  "
4
4
  end
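--- a/data/lib/ruby_jwt.rb
+++ b/data/lib/ruby_jwt.rb
@@ -22,6 +22,11 @@ module JWT
  @message = message
  end
  end
+
+ class OpenSSL::PKey::EC
+ alias_method :private?, :private_key?
+ end
+
  SIGNATURES = {"256" => OpenSSL::Digest::SHA256.new(), "384" => OpenSSL::Digest::SHA384.new(), "512" => OpenSSL::Digest::SHA512.new()}
  # SIGNATURES = {
  # "HS256" => OpenSSL::Digest::SHA256.new(), "HS384" => OpenSSL::Digest::SHA384.new(), "HS512" => OpenSSL::Digest::SHA512.new(),
@@ -110,6 +115,8 @@ module JWT
  return base64urlencode(OpenSSL::HMAC.digest(SIGNATURES[alg.gsub("HS","")], key, data))
  when "RS256", "RS384", "RS512"
  return base64urlencode(key.sign(SIGNATURES[alg.gsub("RS","")],data))
+ when "ES256", "ES384", "ES512"
+ return base64urlencode(key.sign(SIGNATURES[alg.gsub("ES","")],data))
  else
  raise NotImplementedError.new("Unsupported signing method!")
  end
@@ -123,6 +130,8 @@ module JWT
  return time_compare(signature,OpenSSL::HMAC.digest(SIGNATURES[alg.gsub("HS","")], key, data))
  when "RS256", "RS384", "RS512"
  return key.verify(SIGNATURES[alg.gsub("RS","")],signature, data)
+ when "ES256", "ES384", "ES512"
+ return key.verify(SIGNATURES[alg.gsub("ES","")],signature, data)
  else
  raise NotImplementedError.new("Unsupported signing method!")
  end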
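Review bot: The new `ES256`/`ES384`/`ES512` branches in the signing and verifying `case` pass `key.sign` / `key.verify` straight through, and Ruby's OpenSSL binding produces and expects an ASN.1 DER-encoded ECDSA signature there, whereas RFC 7518 §3.4 defines the JWS signature for these algorithms as the fixed-width concatenation R||S. Tokens signed this way will not verify in other JWT implementations, and tokens issued by those will not verify here. Nothing in the branches ties the curve to the algorithm either (ES256 is P-256, ES384 is P-384, ES512 is P-521), so any EC key is accepted for any `ES*` value; the test added in this release pairs `prime192v1` with `ES384`. The sketch below converts at the boundary and checks the curve; the error class is a stand-in, and both enclosing methods start and end outside the hunks. Separately, the `alias_method :private?, :private_key?` patch on `OpenSSL::PKey::EC` applies process-wide, and a `respond_to?` check at the call site would avoid reopening a stdlib class.

```ruby
# curve each ES* algorithm is defined for (RFC 7518 §3.4)
EC_CURVES = {"ES256" => "prime256v1", "ES384" => "secp384r1", "ES512" => "secp521r1"}

# … unchanged: HS* and RS* signing branches …
when "ES256", "ES384", "ES512"
  raise ArgumentError.new("EC key curve does not match #{alg}") unless key.group.curve_name == EC_CURVES[alg]
  width = (key.group.degree + 7) / 8
  der = key.sign(SIGNATURES[alg.gsub("ES","")], data)
  # DER SEQUENCE { r, s } -> fixed-width big-endian R||S
  r, s = OpenSSL::ASN1.decode(der).value.map { |int| int.value.to_s(2).rjust(width, "\x00") }
  return base64urlencode(r + s)

# … unchanged: HS* and RS* verification branches …
when "ES256", "ES384", "ES512"
  width = (key.group.degree + 7) / 8
  return false unless key.group.curve_name == EC_CURVES[alg] && signature.bytesize == 2 * width
  # fixed-width R||S -> DER SEQUENCE { r, s } for OpenSSL
  r, s = [signature.byteslice(0, width), signature.byteslice(width, width)].map { |half| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(half, 2)) }
  return key.verify(SIGNATURES[alg.gsub("ES","")], OpenSSL::ASN1::Sequence.new([r, s]).to_der, data)
```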
@@ -1838,3 +1838,303 @@ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1838
1838
  RubyJwtTest: test_should_encode_and_decode_none
1839
1839
  -----------------------------------------------
1840
1840
   (0.0ms) rollback transaction
1841
+  (0.1ms) begin transaction
1842
+ -----------------------------------------------------
1843
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1844
+ -----------------------------------------------------
1845
+  (0.0ms) rollback transaction
1846
+  (0.0ms) begin transaction
1847
+ ---------------------------------------------------------
1848
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1849
+ ---------------------------------------------------------
1850
+  (0.0ms) rollback transaction
1851
+  (0.0ms) begin transaction
1852
+ ------------------------------------------
1853
+ RubyJwtTest: test_returns_false_if_expired
1854
+ ------------------------------------------
1855
+  (0.1ms) rollback transaction
1856
+  (0.0ms) begin transaction
1857
+ ----------------------------------------------------
1858
+ RubyJwtTest: test_returns_false_if_invalid_signature
1859
+ ----------------------------------------------------
1860
+  (0.0ms) rollback transaction
1861
+  (0.0ms) begin transaction
1862
+ -------------------------------------------------
1863
+ RubyJwtTest: test_returns_false_if_wrong_audience
1864
+ -------------------------------------------------
1865
+  (0.0ms) rollback transaction
1866
+  (0.0ms) begin transaction
1867
+ -----------------------------------------------
1868
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1869
+ -----------------------------------------------
1870
+  (0.1ms) rollback transaction
1871
+  (0.0ms) begin transaction
1872
+ -------------------------------------------------------------------------
1873
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1874
+ -------------------------------------------------------------------------
1875
+  (0.0ms) rollback transaction
1876
+  (0.0ms) begin transaction
1877
+ -----------------------------------------------
1878
+ RubyJwtTest: test_returns_sign_error_for_no_key
1879
+ -----------------------------------------------
1880
+  (0.0ms) rollback transaction
1881
+  (0.0ms) begin transaction
1882
+ ------------------------------------------------
1883
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
1884
+ ------------------------------------------------
1885
+  (0.0ms) rollback transaction
1886
+  (0.0ms) begin transaction
1887
+ ----------------------------------------------
1888
+ RubyJwtTest: test_should_encode_and_decode_RSA
1889
+ ----------------------------------------------
1890
+  (0.1ms) rollback transaction
1891
+  (0.0ms) begin transaction
1892
+ ----------------------------------------------------------
1893
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1894
+ ----------------------------------------------------------
1895
+  (0.0ms) rollback transaction
1896
+  (0.0ms) begin transaction
1897
+ -----------------------------------------------
1898
+ RubyJwtTest: test_should_encode_and_decode_none
1899
+ -----------------------------------------------
1900
+  (0.0ms) rollback transaction
1901
+  (0.1ms) begin transaction
1902
+ -----------------------------------------------------
1903
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1904
+ -----------------------------------------------------
1905
+  (0.0ms) rollback transaction
1906
+  (0.0ms) begin transaction
1907
+ ---------------------------------------------------------
1908
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1909
+ ---------------------------------------------------------
1910
+  (0.0ms) rollback transaction
1911
+  (0.0ms) begin transaction
1912
+ ------------------------------------------
1913
+ RubyJwtTest: test_returns_false_if_expired
1914
+ ------------------------------------------
1915
+  (0.0ms) rollback transaction
1916
+  (0.0ms) begin transaction
1917
+ ----------------------------------------------------
1918
+ RubyJwtTest: test_returns_false_if_invalid_signature
1919
+ ----------------------------------------------------
1920
+  (0.0ms) rollback transaction
1921
+  (0.1ms) begin transaction
1922
+ -------------------------------------------------
1923
+ RubyJwtTest: test_returns_false_if_wrong_audience
1924
+ -------------------------------------------------
1925
+  (0.0ms) rollback transaction
1926
+  (0.0ms) begin transaction
1927
+ -----------------------------------------------
1928
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1929
+ -----------------------------------------------
1930
+  (0.1ms) rollback transaction
1931
+  (0.0ms) begin transaction
1932
+ -------------------------------------------------------------------------
1933
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1934
+ -------------------------------------------------------------------------
1935
+  (0.0ms) rollback transaction
1936
+  (0.0ms) begin transaction
1937
+ -----------------------------------------------
1938
+ RubyJwtTest: test_returns_sign_error_for_no_key
1939
+ -----------------------------------------------
1940
+  (0.0ms) rollback transaction
1941
+  (0.1ms) begin transaction
1942
+ ------------------------------------------------
1943
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
1944
+ ------------------------------------------------
1945
+  (0.0ms) rollback transaction
1946
+  (0.0ms) begin transaction
1947
+ ----------------------------------------------
1948
+ RubyJwtTest: test_should_encode_and_decode_RSA
1949
+ ----------------------------------------------
1950
+  (0.0ms) rollback transaction
1951
+  (0.0ms) begin transaction
1952
+ ----------------------------------------------------------
1953
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1954
+ ----------------------------------------------------------
1955
+  (0.0ms) rollback transaction
1956
+  (0.0ms) begin transaction
1957
+ -----------------------------------------------
1958
+ RubyJwtTest: test_should_encode_and_decode_none
1959
+ -----------------------------------------------
1960
+  (0.0ms) rollback transaction
1961
+  (0.1ms) begin transaction
1962
+ -----------------------------------------------------
1963
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1964
+ -----------------------------------------------------
1965
+  (0.0ms) rollback transaction
1966
+  (0.0ms) begin transaction
1967
+ ---------------------------------------------------------
1968
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1969
+ ---------------------------------------------------------
1970
+  (0.0ms) rollback transaction
1971
+  (0.0ms) begin transaction
1972
+ ------------------------------------------
1973
+ RubyJwtTest: test_returns_false_if_expired
1974
+ ------------------------------------------
1975
+  (0.0ms) rollback transaction
1976
+  (0.0ms) begin transaction
1977
+ ----------------------------------------------------
1978
+ RubyJwtTest: test_returns_false_if_invalid_signature
1979
+ ----------------------------------------------------
1980
+  (0.0ms) rollback transaction
1981
+  (0.0ms) begin transaction
1982
+ -------------------------------------------------
1983
+ RubyJwtTest: test_returns_false_if_wrong_audience
1984
+ -------------------------------------------------
1985
+  (0.0ms) rollback transaction
1986
+  (0.0ms) begin transaction
1987
+ -----------------------------------------------
1988
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1989
+ -----------------------------------------------
1990
+  (0.0ms) rollback transaction
1991
+  (0.1ms) begin transaction
1992
+ -------------------------------------------------------------------------
1993
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1994
+ -------------------------------------------------------------------------
1995
+  (0.0ms) rollback transaction
1996
+  (0.1ms) begin transaction
1997
+ -----------------------------------------------
1998
+ RubyJwtTest: test_returns_sign_error_for_no_key
1999
+ -----------------------------------------------
2000
+  (0.0ms) rollback transaction
2001
+  (0.0ms) begin transaction
2002
+ ------------------------------------------------
2003
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2004
+ ------------------------------------------------
2005
+  (0.1ms) rollback transaction
2006
+  (0.1ms) begin transaction
2007
+ ----------------------------------------------
2008
+ RubyJwtTest: test_should_encode_and_decode_RSA
2009
+ ----------------------------------------------
2010
+  (0.0ms) rollback transaction
2011
+  (0.0ms) begin transaction
2012
+ ----------------------------------------------------------
2013
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2014
+ ----------------------------------------------------------
2015
+  (0.0ms) rollback transaction
2016
+  (0.1ms) begin transaction
2017
+ -----------------------------------------------
2018
+ RubyJwtTest: test_should_encode_and_decode_none
2019
+ -----------------------------------------------
2020
+  (0.0ms) rollback transaction
2021
+  (0.1ms) begin transaction
2022
+ -----------------------------------------------------
2023
+ RubyJwtTest: test_decodes_and_verifies_existing_token
2024
+ -----------------------------------------------------
2025
+  (0.0ms) rollback transaction
2026
+  (0.0ms) begin transaction
2027
+ ---------------------------------------------------------
2028
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
2029
+ ---------------------------------------------------------
2030
+  (0.0ms) rollback transaction
2031
+  (0.0ms) begin transaction
2032
+ ------------------------------------------
2033
+ RubyJwtTest: test_returns_false_if_expired
2034
+ ------------------------------------------
2035
+  (0.0ms) rollback transaction
2036
+  (0.0ms) begin transaction
2037
+ ----------------------------------------------------
2038
+ RubyJwtTest: test_returns_false_if_invalid_signature
2039
+ ----------------------------------------------------
2040
+  (0.0ms) rollback transaction
2041
+  (0.0ms) begin transaction
2042
+ -------------------------------------------------
2043
+ RubyJwtTest: test_returns_false_if_wrong_audience
2044
+ -------------------------------------------------
2045
+  (0.0ms) rollback transaction
2046
+  (0.0ms) begin transaction
2047
+ -----------------------------------------------
2048
+ RubyJwtTest: test_returns_false_if_wrong_issuer
2049
+ -----------------------------------------------
2050
+  (0.0ms) rollback transaction
2051
+  (0.0ms) begin transaction
2052
+ -------------------------------------------------------------------------
2053
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
2054
+ -------------------------------------------------------------------------
2055
+  (0.0ms) rollback transaction
2056
+  (0.0ms) begin transaction
2057
+ -----------------------------------------------
2058
+ RubyJwtTest: test_returns_sign_error_for_no_key
2059
+ -----------------------------------------------
2060
+  (0.0ms) rollback transaction
2061
+  (0.0ms) begin transaction
2062
+ ------------------------------------------------
2063
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2064
+ ------------------------------------------------
2065
+  (0.0ms) rollback transaction
2066
+  (0.0ms) begin transaction
2067
+ ----------------------------------------------
2068
+ RubyJwtTest: test_should_encode_and_decode_RSA
2069
+ ----------------------------------------------
2070
+  (0.0ms) rollback transaction
2071
+  (0.0ms) begin transaction
2072
+ ----------------------------------------------------------
2073
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2074
+ ----------------------------------------------------------
2075
+  (0.0ms) rollback transaction
2076
+  (0.0ms) begin transaction
2077
+ -----------------------------------------------
2078
+ RubyJwtTest: test_should_encode_and_decode_none
2079
+ -----------------------------------------------
2080
+  (0.0ms) rollback transaction
2081
+  (0.1ms) begin transaction
2082
+ -----------------------------------------------------
2083
+ RubyJwtTest: test_decodes_and_verifies_existing_token
2084
+ -----------------------------------------------------
2085
+  (0.0ms) rollback transaction
2086
+  (0.0ms) begin transaction
2087
+ ---------------------------------------------------------
2088
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
2089
+ ---------------------------------------------------------
2090
+  (0.0ms) rollback transaction
2091
+  (0.0ms) begin transaction
2092
+ ------------------------------------------
2093
+ RubyJwtTest: test_returns_false_if_expired
2094
+ ------------------------------------------
2095
+  (0.0ms) rollback transaction
2096
+  (0.0ms) begin transaction
2097
+ ----------------------------------------------------
2098
+ RubyJwtTest: test_returns_false_if_invalid_signature
2099
+ ----------------------------------------------------
2100
+  (0.0ms) rollback transaction
2101
+  (0.0ms) begin transaction
2102
+ -------------------------------------------------
2103
+ RubyJwtTest: test_returns_false_if_wrong_audience
2104
+ -------------------------------------------------
2105
+  (0.0ms) rollback transaction
2106
+  (0.0ms) begin transaction
2107
+ -----------------------------------------------
2108
+ RubyJwtTest: test_returns_false_if_wrong_issuer
2109
+ -----------------------------------------------
2110
+  (0.0ms) rollback transaction
2111
+  (0.0ms) begin transaction
2112
+ -------------------------------------------------------------------------
2113
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
2114
+ -------------------------------------------------------------------------
2115
+  (0.0ms) rollback transaction
2116
+  (0.0ms) begin transaction
2117
+ -----------------------------------------------
2118
+ RubyJwtTest: test_returns_sign_error_for_no_key
2119
+ -----------------------------------------------
2120
+  (0.0ms) rollback transaction
2121
+  (0.0ms) begin transaction
2122
+ ------------------------------------------------
2123
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2124
+ ------------------------------------------------
2125
+  (0.1ms) rollback transaction
2126
+  (0.0ms) begin transaction
2127
+ ----------------------------------------------
2128
+ RubyJwtTest: test_should_encode_and_decode_RSA
2129
+ ----------------------------------------------
2130
+  (0.0ms) rollback transaction
2131
+  (0.0ms) begin transaction
2132
+ ----------------------------------------------------------
2133
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2134
+ ----------------------------------------------------------
2135
+  (0.0ms) rollback transaction
2136
+  (0.0ms) begin transaction
2137
+ -----------------------------------------------
2138
+ RubyJwtTest: test_should_encode_and_decode_none
2139
+ -----------------------------------------------
2140
+  (0.1ms) rollback transaction
@@ -33,6 +33,16 @@ class RubyJwtTest < ActiveSupport::TestCase
33
33
  assert_equal(@header,decoded.header, "header is invalid") and assert_equal(@payload,decoded.payload,"payload is invalid") and assert_equal(true,verified_jwt.success)
34
34
  end
35
35
 
36
+ test "should encode and decode ECDSA" do
37
+ pk = OpenSSL::PKey::EC.new("prime192v1")
38
+ pk.generate_key
39
+ @header = {:typ => "JWT", :alg => "ES384"}
40
+ jwt = JWT.sign(@payload,pk,@payload_options,@header)
41
+ decoded = JWT.decode(jwt)
42
+ verified_jwt = JWT.verify(jwt,pk,@payload_options)
43
+ assert_equal(@header,decoded.header, "header is invalid") and assert_equal(@payload,decoded.payload,"payload is invalid") and assert_equal(true,verified_jwt.success)
44
+ end
45
+
36
46
  test "decodes and verifies existing token" do
37
47
  secret = "0zWThVpyGq4QujsMHzTqNYZUbeXGB2Sa"
38
48
  token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDaHJpcyBXZXN0b24iLCJpYXQiOjE0MTA2MTc1NzQsImV4cCI6MTY5MDUwNzYzOTcsImF1ZCI6Ind3dy5leGFtcGxlLmNvbSIsInN1YiI6Impyb2NrZXRAZXhhbXBsZS5jb20iLCJHaXZlbk5hbWUiOiJKb2hubnkiLCJTdXJuYW1lIjoiUm9ja2V0IiwiRW1haWwiOiJqcm9ja2V0QGV4YW1wbGUuY29tIiwiUm9sZSI6WyJNYW5hZ2VyIiwiUHJvamVjdCBBZG1pbmlzdHJhdG9yIl19.llRwkrzrkAu_n4XFGvZpHR3J_p_Ow3er7LxJBZS-4M4"
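Review bot: The added "should encode and decode ECDSA" test covers only the success path with a single key, so it would still pass if the ES verify branch accepted every signature. A companion case should generate a second EC key, call `JWT.verify(jwt,other_pk,@payload_options)` and assert that the result is not successful; the exact assertion depends on what `JWT.verify` returns on failure, which is not visible in this hunk. Chaining the three `assert_equal` calls with `and` also makes the payload and `verified_jwt.success` checks depend on the return value of the preceding assertion, so three separate statements, ending with `assert_equal(true, verified_jwt.success)`, are easier to trust.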
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Weston