ruby_jwt 1.0.4 → 1.0.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5caedc6675f7dbeb6483296aff49b9e0e912f4c1
4
- data.tar.gz: a91ec6b3947c16f31e2cb9c8992f69c5a4731b47
3
+ metadata.gz: b88afcd3172aa7eda1be4a86e2b524e8a4f34748
4
+ data.tar.gz: 77b511898b500b59dd0e36a5abde641784093018
5
5
  SHA512:
6
- metadata.gz: 2010772f1e506f3b07959816763381e06aa61b195acc79076d27e727fd824f100cde4dd865e1b0d66dc72239baa33cb7c87a1dca53efa869759c88dea3811616
7
- data.tar.gz: 3a3250817f092d105836bb80c3533961715ed7782662cf75bfca5ea5c672a475199bef8b2d2cfe579c14db2b7f0233693d3864347bc490172830a409981a2868
6
+ metadata.gz: 96b91b546ccea3307c61920f42d865e8fd015e8095d51345a1b9b3aad75fff14289cd554d933ce72ebb7d7aa22a93c0a3c5aa110a9c15545b98c2053c2112679
7
+ data.tar.gz: eb1cfe0f74de8f989e4c4b9fa2c8be4656a30d6544ec11972b3c3dcc6bd0e1466849128dab53a0633bdbe6f77e2c22fc5abe73d88696ec1d40ca7364cb479f16
@@ -1,4 +1,4 @@
1
1
  module RubyJwt
2
- VERSION = "1.0.4
2
+ VERSION = "1.0.5
3
3
  "
4
4
  end
data/lib/ruby_jwt.rb CHANGED
@@ -22,6 +22,11 @@ module JWT
22
22
  @message = message
23
23
  end
24
24
  end
25
+
26
+ class OpenSSL::PKey::EC
27
+ alias_method :private?, :private_key?
28
+ end
29
+
25
30
  SIGNATURES = {"256" => OpenSSL::Digest::SHA256.new(), "384" => OpenSSL::Digest::SHA384.new(), "512" => OpenSSL::Digest::SHA512.new()}
26
31
  # SIGNATURES = {
27
32
  # "HS256" => OpenSSL::Digest::SHA256.new(), "HS384" => OpenSSL::Digest::SHA384.new(), "HS512" => OpenSSL::Digest::SHA512.new(),
@@ -110,6 +115,8 @@ module JWT
110
115
  return base64urlencode(OpenSSL::HMAC.digest(SIGNATURES[alg.gsub("HS","")], key, data))
111
116
  when "RS256", "RS384", "RS512"
112
117
  return base64urlencode(key.sign(SIGNATURES[alg.gsub("RS","")],data))
118
+ when "ES256", "ES384", "ES512"
119
+ return base64urlencode(key.sign(SIGNATURES[alg.gsub("ES","")],data))
113
120
  else
114
121
  raise NotImplementedError.new("Unsupported signing method!")
115
122
  end
@@ -123,6 +130,8 @@ module JWT
123
130
  return time_compare(signature,OpenSSL::HMAC.digest(SIGNATURES[alg.gsub("HS","")], key, data))
124
131
  when "RS256", "RS384", "RS512"
125
132
  return key.verify(SIGNATURES[alg.gsub("RS","")],signature, data)
133
+ when "ES256", "ES384", "ES512"
134
+ return key.verify(SIGNATURES[alg.gsub("ES","")],signature, data)
126
135
  else
127
136
  raise NotImplementedError.new("Unsupported signing method!")
128
137
  end
@@ -1838,3 +1838,303 @@ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1838
1838
  RubyJwtTest: test_should_encode_and_decode_none
1839
1839
  -----------------------------------------------
1840
1840
   (0.0ms) rollback transaction
1841
+  (0.1ms) begin transaction
1842
+ -----------------------------------------------------
1843
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1844
+ -----------------------------------------------------
1845
+  (0.0ms) rollback transaction
1846
+  (0.0ms) begin transaction
1847
+ ---------------------------------------------------------
1848
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1849
+ ---------------------------------------------------------
1850
+  (0.0ms) rollback transaction
1851
+  (0.0ms) begin transaction
1852
+ ------------------------------------------
1853
+ RubyJwtTest: test_returns_false_if_expired
1854
+ ------------------------------------------
1855
+  (0.1ms) rollback transaction
1856
+  (0.0ms) begin transaction
1857
+ ----------------------------------------------------
1858
+ RubyJwtTest: test_returns_false_if_invalid_signature
1859
+ ----------------------------------------------------
1860
+  (0.0ms) rollback transaction
1861
+  (0.0ms) begin transaction
1862
+ -------------------------------------------------
1863
+ RubyJwtTest: test_returns_false_if_wrong_audience
1864
+ -------------------------------------------------
1865
+  (0.0ms) rollback transaction
1866
+  (0.0ms) begin transaction
1867
+ -----------------------------------------------
1868
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1869
+ -----------------------------------------------
1870
+  (0.1ms) rollback transaction
1871
+  (0.0ms) begin transaction
1872
+ -------------------------------------------------------------------------
1873
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1874
+ -------------------------------------------------------------------------
1875
+  (0.0ms) rollback transaction
1876
+  (0.0ms) begin transaction
1877
+ -----------------------------------------------
1878
+ RubyJwtTest: test_returns_sign_error_for_no_key
1879
+ -----------------------------------------------
1880
+  (0.0ms) rollback transaction
1881
+  (0.0ms) begin transaction
1882
+ ------------------------------------------------
1883
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
1884
+ ------------------------------------------------
1885
+  (0.0ms) rollback transaction
1886
+  (0.0ms) begin transaction
1887
+ ----------------------------------------------
1888
+ RubyJwtTest: test_should_encode_and_decode_RSA
1889
+ ----------------------------------------------
1890
+  (0.1ms) rollback transaction
1891
+  (0.0ms) begin transaction
1892
+ ----------------------------------------------------------
1893
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1894
+ ----------------------------------------------------------
1895
+  (0.0ms) rollback transaction
1896
+  (0.0ms) begin transaction
1897
+ -----------------------------------------------
1898
+ RubyJwtTest: test_should_encode_and_decode_none
1899
+ -----------------------------------------------
1900
+  (0.0ms) rollback transaction
1901
+  (0.1ms) begin transaction
1902
+ -----------------------------------------------------
1903
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1904
+ -----------------------------------------------------
1905
+  (0.0ms) rollback transaction
1906
+  (0.0ms) begin transaction
1907
+ ---------------------------------------------------------
1908
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1909
+ ---------------------------------------------------------
1910
+  (0.0ms) rollback transaction
1911
+  (0.0ms) begin transaction
1912
+ ------------------------------------------
1913
+ RubyJwtTest: test_returns_false_if_expired
1914
+ ------------------------------------------
1915
+  (0.0ms) rollback transaction
1916
+  (0.0ms) begin transaction
1917
+ ----------------------------------------------------
1918
+ RubyJwtTest: test_returns_false_if_invalid_signature
1919
+ ----------------------------------------------------
1920
+  (0.0ms) rollback transaction
1921
+  (0.1ms) begin transaction
1922
+ -------------------------------------------------
1923
+ RubyJwtTest: test_returns_false_if_wrong_audience
1924
+ -------------------------------------------------
1925
+  (0.0ms) rollback transaction
1926
+  (0.0ms) begin transaction
1927
+ -----------------------------------------------
1928
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1929
+ -----------------------------------------------
1930
+  (0.1ms) rollback transaction
1931
+  (0.0ms) begin transaction
1932
+ -------------------------------------------------------------------------
1933
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1934
+ -------------------------------------------------------------------------
1935
+  (0.0ms) rollback transaction
1936
+  (0.0ms) begin transaction
1937
+ -----------------------------------------------
1938
+ RubyJwtTest: test_returns_sign_error_for_no_key
1939
+ -----------------------------------------------
1940
+  (0.0ms) rollback transaction
1941
+  (0.1ms) begin transaction
1942
+ ------------------------------------------------
1943
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
1944
+ ------------------------------------------------
1945
+  (0.0ms) rollback transaction
1946
+  (0.0ms) begin transaction
1947
+ ----------------------------------------------
1948
+ RubyJwtTest: test_should_encode_and_decode_RSA
1949
+ ----------------------------------------------
1950
+  (0.0ms) rollback transaction
1951
+  (0.0ms) begin transaction
1952
+ ----------------------------------------------------------
1953
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
1954
+ ----------------------------------------------------------
1955
+  (0.0ms) rollback transaction
1956
+  (0.0ms) begin transaction
1957
+ -----------------------------------------------
1958
+ RubyJwtTest: test_should_encode_and_decode_none
1959
+ -----------------------------------------------
1960
+  (0.0ms) rollback transaction
1961
+  (0.1ms) begin transaction
1962
+ -----------------------------------------------------
1963
+ RubyJwtTest: test_decodes_and_verifies_existing_token
1964
+ -----------------------------------------------------
1965
+  (0.0ms) rollback transaction
1966
+  (0.0ms) begin transaction
1967
+ ---------------------------------------------------------
1968
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
1969
+ ---------------------------------------------------------
1970
+  (0.0ms) rollback transaction
1971
+  (0.0ms) begin transaction
1972
+ ------------------------------------------
1973
+ RubyJwtTest: test_returns_false_if_expired
1974
+ ------------------------------------------
1975
+  (0.0ms) rollback transaction
1976
+  (0.0ms) begin transaction
1977
+ ----------------------------------------------------
1978
+ RubyJwtTest: test_returns_false_if_invalid_signature
1979
+ ----------------------------------------------------
1980
+  (0.0ms) rollback transaction
1981
+  (0.0ms) begin transaction
1982
+ -------------------------------------------------
1983
+ RubyJwtTest: test_returns_false_if_wrong_audience
1984
+ -------------------------------------------------
1985
+  (0.0ms) rollback transaction
1986
+  (0.0ms) begin transaction
1987
+ -----------------------------------------------
1988
+ RubyJwtTest: test_returns_false_if_wrong_issuer
1989
+ -----------------------------------------------
1990
+  (0.0ms) rollback transaction
1991
+  (0.1ms) begin transaction
1992
+ -------------------------------------------------------------------------
1993
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
1994
+ -------------------------------------------------------------------------
1995
+  (0.0ms) rollback transaction
1996
+  (0.1ms) begin transaction
1997
+ -----------------------------------------------
1998
+ RubyJwtTest: test_returns_sign_error_for_no_key
1999
+ -----------------------------------------------
2000
+  (0.0ms) rollback transaction
2001
+  (0.0ms) begin transaction
2002
+ ------------------------------------------------
2003
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2004
+ ------------------------------------------------
2005
+  (0.1ms) rollback transaction
2006
+  (0.1ms) begin transaction
2007
+ ----------------------------------------------
2008
+ RubyJwtTest: test_should_encode_and_decode_RSA
2009
+ ----------------------------------------------
2010
+  (0.0ms) rollback transaction
2011
+  (0.0ms) begin transaction
2012
+ ----------------------------------------------------------
2013
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2014
+ ----------------------------------------------------------
2015
+  (0.0ms) rollback transaction
2016
+  (0.1ms) begin transaction
2017
+ -----------------------------------------------
2018
+ RubyJwtTest: test_should_encode_and_decode_none
2019
+ -----------------------------------------------
2020
+  (0.0ms) rollback transaction
2021
+  (0.1ms) begin transaction
2022
+ -----------------------------------------------------
2023
+ RubyJwtTest: test_decodes_and_verifies_existing_token
2024
+ -----------------------------------------------------
2025
+  (0.0ms) rollback transaction
2026
+  (0.0ms) begin transaction
2027
+ ---------------------------------------------------------
2028
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
2029
+ ---------------------------------------------------------
2030
+  (0.0ms) rollback transaction
2031
+  (0.0ms) begin transaction
2032
+ ------------------------------------------
2033
+ RubyJwtTest: test_returns_false_if_expired
2034
+ ------------------------------------------
2035
+  (0.0ms) rollback transaction
2036
+  (0.0ms) begin transaction
2037
+ ----------------------------------------------------
2038
+ RubyJwtTest: test_returns_false_if_invalid_signature
2039
+ ----------------------------------------------------
2040
+  (0.0ms) rollback transaction
2041
+  (0.0ms) begin transaction
2042
+ -------------------------------------------------
2043
+ RubyJwtTest: test_returns_false_if_wrong_audience
2044
+ -------------------------------------------------
2045
+  (0.0ms) rollback transaction
2046
+  (0.0ms) begin transaction
2047
+ -----------------------------------------------
2048
+ RubyJwtTest: test_returns_false_if_wrong_issuer
2049
+ -----------------------------------------------
2050
+  (0.0ms) rollback transaction
2051
+  (0.0ms) begin transaction
2052
+ -------------------------------------------------------------------------
2053
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
2054
+ -------------------------------------------------------------------------
2055
+  (0.0ms) rollback transaction
2056
+  (0.0ms) begin transaction
2057
+ -----------------------------------------------
2058
+ RubyJwtTest: test_returns_sign_error_for_no_key
2059
+ -----------------------------------------------
2060
+  (0.0ms) rollback transaction
2061
+  (0.0ms) begin transaction
2062
+ ------------------------------------------------
2063
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2064
+ ------------------------------------------------
2065
+  (0.0ms) rollback transaction
2066
+  (0.0ms) begin transaction
2067
+ ----------------------------------------------
2068
+ RubyJwtTest: test_should_encode_and_decode_RSA
2069
+ ----------------------------------------------
2070
+  (0.0ms) rollback transaction
2071
+  (0.0ms) begin transaction
2072
+ ----------------------------------------------------------
2073
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2074
+ ----------------------------------------------------------
2075
+  (0.0ms) rollback transaction
2076
+  (0.0ms) begin transaction
2077
+ -----------------------------------------------
2078
+ RubyJwtTest: test_should_encode_and_decode_none
2079
+ -----------------------------------------------
2080
+  (0.0ms) rollback transaction
2081
+  (0.1ms) begin transaction
2082
+ -----------------------------------------------------
2083
+ RubyJwtTest: test_decodes_and_verifies_existing_token
2084
+ -----------------------------------------------------
2085
+  (0.0ms) rollback transaction
2086
+  (0.0ms) begin transaction
2087
+ ---------------------------------------------------------
2088
+ RubyJwtTest: test_returns_decode_error_for_invalid_base64
2089
+ ---------------------------------------------------------
2090
+  (0.0ms) rollback transaction
2091
+  (0.0ms) begin transaction
2092
+ ------------------------------------------
2093
+ RubyJwtTest: test_returns_false_if_expired
2094
+ ------------------------------------------
2095
+  (0.0ms) rollback transaction
2096
+  (0.0ms) begin transaction
2097
+ ----------------------------------------------------
2098
+ RubyJwtTest: test_returns_false_if_invalid_signature
2099
+ ----------------------------------------------------
2100
+  (0.0ms) rollback transaction
2101
+  (0.0ms) begin transaction
2102
+ -------------------------------------------------
2103
+ RubyJwtTest: test_returns_false_if_wrong_audience
2104
+ -------------------------------------------------
2105
+  (0.0ms) rollback transaction
2106
+  (0.0ms) begin transaction
2107
+ -----------------------------------------------
2108
+ RubyJwtTest: test_returns_false_if_wrong_issuer
2109
+ -----------------------------------------------
2110
+  (0.0ms) rollback transaction
2111
+  (0.0ms) begin transaction
2112
+ -------------------------------------------------------------------------
2113
+ RubyJwtTest: test_returns_not_implemented_error_for_unsupported_algorithm
2114
+ -------------------------------------------------------------------------
2115
+  (0.0ms) rollback transaction
2116
+  (0.0ms) begin transaction
2117
+ -----------------------------------------------
2118
+ RubyJwtTest: test_returns_sign_error_for_no_key
2119
+ -----------------------------------------------
2120
+  (0.0ms) rollback transaction
2121
+  (0.0ms) begin transaction
2122
+ ------------------------------------------------
2123
+ RubyJwtTest: test_should_encode_and_decode_ECDSA
2124
+ ------------------------------------------------
2125
+  (0.1ms) rollback transaction
2126
+  (0.0ms) begin transaction
2127
+ ----------------------------------------------
2128
+ RubyJwtTest: test_should_encode_and_decode_RSA
2129
+ ----------------------------------------------
2130
+  (0.0ms) rollback transaction
2131
+  (0.0ms) begin transaction
2132
+ ----------------------------------------------------------
2133
+ RubyJwtTest: test_should_encode_and_decode_and_verify_hmac
2134
+ ----------------------------------------------------------
2135
+  (0.0ms) rollback transaction
2136
+  (0.0ms) begin transaction
2137
+ -----------------------------------------------
2138
+ RubyJwtTest: test_should_encode_and_decode_none
2139
+ -----------------------------------------------
2140
+  (0.1ms) rollback transaction
@@ -33,6 +33,16 @@ class RubyJwtTest < ActiveSupport::TestCase
33
33
  assert_equal(@header,decoded.header, "header is invalid") and assert_equal(@payload,decoded.payload,"payload is invalid") and assert_equal(true,verified_jwt.success)
34
34
  end
35
35
 
36
+ test "should encode and decode ECDSA" do
37
+ pk = OpenSSL::PKey::EC.new("prime192v1")
38
+ pk.generate_key
39
+ @header = {:typ => "JWT", :alg => "ES384"}
40
+ jwt = JWT.sign(@payload,pk,@payload_options,@header)
41
+ decoded = JWT.decode(jwt)
42
+ verified_jwt = JWT.verify(jwt,pk,@payload_options)
43
+ assert_equal(@header,decoded.header, "header is invalid") and assert_equal(@payload,decoded.payload,"payload is invalid") and assert_equal(true,verified_jwt.success)
44
+ end
45
+
36
46
  test "decodes and verifies existing token" do
37
47
  secret = "0zWThVpyGq4QujsMHzTqNYZUbeXGB2Sa"
38
48
  token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDaHJpcyBXZXN0b24iLCJpYXQiOjE0MTA2MTc1NzQsImV4cCI6MTY5MDUwNzYzOTcsImF1ZCI6Ind3dy5leGFtcGxlLmNvbSIsInN1YiI6Impyb2NrZXRAZXhhbXBsZS5jb20iLCJHaXZlbk5hbWUiOiJKb2hubnkiLCJTdXJuYW1lIjoiUm9ja2V0IiwiRW1haWwiOiJqcm9ja2V0QGV4YW1wbGUuY29tIiwiUm9sZSI6WyJNYW5hZ2VyIiwiUHJvamVjdCBBZG1pbmlzdHJhdG9yIl19.llRwkrzrkAu_n4XFGvZpHR3J_p_Ow3er7LxJBZS-4M4"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Weston