ruby_jwt 1.1.0 → 2.0.0
- checksums.yaml +4 -4
- data/lib/ruby_jwt.rb +22 -20
- data/lib/ruby_jwt/version.rb +1 -1
- data/test/dummy/app/assets/javascripts/main.js +2 -0
- data/test/dummy/app/assets/javascripts/users.js +2 -0
- data/test/dummy/app/assets/stylesheets/main.css +4 -0
- data/test/dummy/app/assets/stylesheets/scaffold.css +56 -0
- data/test/dummy/app/assets/stylesheets/users.css +4 -0
- data/test/dummy/app/controllers/application_controller.rb +14 -0
- data/test/dummy/app/controllers/main_controller.rb +7 -0
- data/test/dummy/app/controllers/users_controller.rb +64 -0
- data/test/dummy/app/helpers/main_helper.rb +2 -0
- data/test/dummy/app/helpers/users_helper.rb +2 -0
- data/test/dummy/app/models/user.rb +2 -0
- data/test/dummy/app/views/main/index.html.erb +2 -0
- data/test/dummy/app/views/main/login.html.erb +2 -0
- data/test/dummy/app/views/users/_form.html.erb +25 -0
- data/test/dummy/app/views/users/edit.html.erb +6 -0
- data/test/dummy/app/views/users/index.html.erb +27 -0
- data/test/dummy/app/views/users/login.html.erb +1 -0
- data/test/dummy/app/views/users/new.html.erb +5 -0
- data/test/dummy/app/views/users/show.html.erb +14 -0
- data/test/dummy/config/routes.rb +9 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/migrate/20140919004039_create_users.rb +10 -0
- data/test/dummy/db/schema.rb +23 -0
- data/test/dummy/log/development.log +1112 -0
- data/test/dummy/log/test.log +830 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/0800f54ee19cf3cee10b956fa9786799 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/13fe41fee1fe35b49d145bcc06610705 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/25fca4643219052b0d5c66cf2c71f72f +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/2f5173deea6c795b8fdde723bb4b63af +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/357970feca3ac29060c1e3861e2c0953 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/371bf96e99717688ed7313a0c53f4212 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/386e9196dd0f9efdce6f92ce93a6d107 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/3f9170db678c4e1fdfa51752e5ec8e39 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/4050a4e5062ab95c9f32e9b6940821ea +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/489af12e680adec109e506328fdc1368 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/510da110ae528e2d22533be39ff696c5 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/5f1a0d05e77ca8b9a1fc2a47e17a8174 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/6fc757c2c8329244ca95d6909865bbc2 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/87b209c0c9da28094a8d5581a21262c6 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/cebc6db0bbb8120f430da3970b173d2f +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/cffd775d018f68ce5dba1ee0d951a994 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/d771ace226fc8215a3572e0aa35bb0d6 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/e36b8fcf5914a3a6bf058abfe7367b19 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/f56253b5f374fff1a33fbbc9881c9124 +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/f6eeb33602682bd6ff6d1f177f6b142d +0 -0
- data/test/dummy/tmp/cache/assets/development/sprockets/f7cbd26ba1d28d48de824f0e94586655 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/13fe41fee1fe35b49d145bcc06610705 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/25fca4643219052b0d5c66cf2c71f72f +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/2f5173deea6c795b8fdde723bb4b63af +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/357970feca3ac29060c1e3861e2c0953 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/371bf96e99717688ed7313a0c53f4212 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/386e9196dd0f9efdce6f92ce93a6d107 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/4050a4e5062ab95c9f32e9b6940821ea +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/5f1a0d05e77ca8b9a1fc2a47e17a8174 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/6fc757c2c8329244ca95d6909865bbc2 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/87b209c0c9da28094a8d5581a21262c6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/cffd775d018f68ce5dba1ee0d951a994 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/d771ace226fc8215a3572e0aa35bb0d6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/e36b8fcf5914a3a6bf058abfe7367b19 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f56253b5f374fff1a33fbbc9881c9124 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f6eeb33602682bd6ff6d1f177f6b142d +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f7cbd26ba1d28d48de824f0e94586655 +0 -0
- data/test/ruby_jwt_test.rb +12 -16
- metadata +118 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e534fc72b29b3327c419953c2586ebe7bb044969
|
4
|
+
data.tar.gz: ae170754b0293e51a43a286922b39e55f145599c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bb923d58727f97d79f0c49e2b9f0604bc150a78a467e642f1a452a6ef388f6a227e28708ff1d9a5c5fa4767f4ada369517f80254d280aee57209fc28a026e43f
|
7
|
+
data.tar.gz: 85495d0489e13a8cdf6deea6d2b358d5286823bd0992206f597f73f188c3a72b12f38dae6ff125418b607d6c5c8241d41a1b9e3e606dde3ccfa53befcfff7b0b
|
data/lib/ruby_jwt.rb
CHANGED
@@ -4,7 +4,7 @@ require 'json'
|
|
4
4
|
|
5
5
|
module JWT
|
6
6
|
|
7
|
-
class
|
7
|
+
class VerificationError < StandardError;end
|
8
8
|
class SignError < StandardError;end
|
9
9
|
class DecodeResponse
|
10
10
|
attr_accessor :header, :payload, :signature
|
@@ -14,15 +14,15 @@ module JWT
|
|
14
14
|
@signature = signature
|
15
15
|
end
|
16
16
|
end
|
17
|
-
class VerificationResponse
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
end
|
17
|
+
# class VerificationResponse
|
18
|
+
# attr_accessor :success, :message, :decoded_token
|
19
|
+
|
20
|
+
# def initialize(success,message, decoded = nil)
|
21
|
+
# @success = success
|
22
|
+
# @message = message
|
23
|
+
# @decoded_token = decoded
|
24
|
+
# end
|
25
|
+
# end
|
26
26
|
|
27
27
|
# class OpenSSL::PKey::EC
|
28
28
|
# alias_method :private?, :private_key?
|
@@ -42,7 +42,7 @@ module JWT
|
|
42
42
|
end
|
43
43
|
payload[:iat] = Time.now.to_i
|
44
44
|
if(payload_options[:exp])
|
45
|
-
payload_options
|
45
|
+
payload_options[:exp] += payload[:iat]
|
46
46
|
end
|
47
47
|
|
48
48
|
if(payload_options[:nbf])
|
@@ -63,34 +63,36 @@ module JWT
|
|
63
63
|
end
|
64
64
|
|
65
65
|
def verify(token,secret,options={})
|
66
|
-
|
66
|
+
raise VerificationError.new("JWT cannot be blank") if !token or token.empty?
|
67
67
|
jwt_parts = token.split(".")
|
68
68
|
jwt = decode(token)
|
69
69
|
alg = jwt.header[:alg]
|
70
|
-
|
70
|
+
raise VerificationError.new("Key cannot be blank if algorithm is not 'none'") if(alg != "none" and !secret)
|
71
|
+
raise VerificationError.new("JWT has invalid number of segments.") if(jwt_parts.count < 3 and alg != "none")
|
72
|
+
raise VerificationError.new("JWT has invalid number of segments.") if(jwt_parts.count < 2 and alg == "none")
|
71
73
|
payload = jwt.payload
|
72
74
|
signature = base64urldecode(jwt.signature) if alg != "none"
|
73
75
|
current_time = Time.now.to_i
|
74
76
|
if(payload[:exp] and current_time >= payload[:exp])
|
75
|
-
|
77
|
+
raise VerificationError.new("JWT is expired.")
|
76
78
|
end
|
77
79
|
|
78
80
|
if(payload[:nbf] and current_time < payload[:nbf])
|
79
|
-
|
81
|
+
raise VerificationError.new( "JWT nbf has not passed yet.")
|
80
82
|
end
|
81
83
|
|
82
84
|
if(options[:iss])
|
83
|
-
|
85
|
+
raise VerificationError.new("JWT issuer is invalid.") if options[:iss] != payload[:iss]
|
84
86
|
end
|
85
87
|
|
86
88
|
if(options[:aud])
|
87
89
|
audience = (options[:aud].is_a? Array) ? options[:aud] : [options[:aud]]
|
88
|
-
|
90
|
+
raise VerificationError.new("JWT audience is invalid.") if !audience.include? payload[:aud]
|
89
91
|
end
|
90
92
|
|
91
|
-
|
93
|
+
raise VerificationError.new("JWT signature is invalid.") if !verify_signature(alg,secret,jwt_parts[0..1].join("."),signature)
|
92
94
|
|
93
|
-
return
|
95
|
+
return jwt
|
94
96
|
end
|
95
97
|
|
96
98
|
|
@@ -163,7 +165,7 @@ module JWT
|
|
163
165
|
raise JWT::DecodeError.new("Illegal base64 string!")
|
164
166
|
end
|
165
167
|
rescue ArgumentError => e
|
166
|
-
raise JWT::
|
168
|
+
raise JWT::VerificationError.new(e.message)
|
167
169
|
end
|
168
170
|
|
169
171
|
end
|
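Review bot: `verify` takes the algorithm from the untrusted token header itself (new line 69) and nothing lets the caller pin it: a token whose header says `"alg":"none"` skips the blank-key check on line 70 and reaches `verify_signature` with a nil signature, so if that helper (outside this hunk) treats `none` as valid, an attacker can strip the signature from any token and pass verification even though the caller supplied a secret; the same design lets a token switch from an RSA algorithm to HS256 and be "signed" with the public key as the HMAC secret. The caller should be able to state which algorithms it accepts via `options`, and `none` should only be honoured when no key was supplied at all. The segment checks on lines 71–72 also use `< 3` / `< 2`, so a token with extra dot-separated segments is still accepted; `!= 3` / `!= 2` is the safer comparison. In the earlier hunk, `payload_options[:exp] += payload[:iat]` mutates the caller's hash in place, so reusing one options hash across `sign` calls pushes `exp` further into the future each time — computing `payload[:exp] = payload[:iat] + payload_options[:exp]` into the payload without touching the argument avoids that.
```ruby
alg = jwt.header[:alg]
# … unchanged: blank-key check …
allowed = Array(options[:alg] || options[:algorithms])
raise VerificationError.new("JWT algorithm is not allowed.") if !allowed.empty? and !allowed.include?(alg)
raise VerificationError.new("JWT uses 'none' algorithm but a key was supplied.") if alg == "none" and secret
raise VerificationError.new("JWT has invalid number of segments.") if(jwt_parts.count != 3 and alg != "none")
raise VerificationError.new("JWT has invalid number of segments.") if(jwt_parts.count != 2 and alg == "none")
# … unchanged: exp/nbf/iss/aud checks and signature verification …
```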
data/lib/ruby_jwt/version.rb
CHANGED
@@ -0,0 +1,56 @@
|
|
1
|
+
body { background-color: #fff; color: #333; }
|
2
|
+
|
3
|
+
body, p, ol, ul, td {
|
4
|
+
font-family: verdana, arial, helvetica, sans-serif;
|
5
|
+
font-size: 13px;
|
6
|
+
line-height: 18px;
|
7
|
+
}
|
8
|
+
|
9
|
+
pre {
|
10
|
+
background-color: #eee;
|
11
|
+
padding: 10px;
|
12
|
+
font-size: 11px;
|
13
|
+
}
|
14
|
+
|
15
|
+
a { color: #000; }
|
16
|
+
a:visited { color: #666; }
|
17
|
+
a:hover { color: #fff; background-color:#000; }
|
18
|
+
|
19
|
+
div.field, div.actions {
|
20
|
+
margin-bottom: 10px;
|
21
|
+
}
|
22
|
+
|
23
|
+
#notice {
|
24
|
+
color: green;
|
25
|
+
}
|
26
|
+
|
27
|
+
.field_with_errors {
|
28
|
+
padding: 2px;
|
29
|
+
background-color: red;
|
30
|
+
display: table;
|
31
|
+
}
|
32
|
+
|
33
|
+
#error_explanation {
|
34
|
+
width: 450px;
|
35
|
+
border: 2px solid red;
|
36
|
+
padding: 7px;
|
37
|
+
padding-bottom: 0;
|
38
|
+
margin-bottom: 20px;
|
39
|
+
background-color: #f0f0f0;
|
40
|
+
}
|
41
|
+
|
42
|
+
#error_explanation h2 {
|
43
|
+
text-align: left;
|
44
|
+
font-weight: bold;
|
45
|
+
padding: 5px 5px 5px 15px;
|
46
|
+
font-size: 12px;
|
47
|
+
margin: -7px;
|
48
|
+
margin-bottom: 0px;
|
49
|
+
background-color: #c00;
|
50
|
+
color: #fff;
|
51
|
+
}
|
52
|
+
|
53
|
+
#error_explanation ul li {
|
54
|
+
font-size: 12px;
|
55
|
+
list-style: square;
|
56
|
+
}
|
@@ -2,4 +2,18 @@ class ApplicationController < ActionController::Base
|
|
2
2
|
# Prevent CSRF attacks by raising an exception.
|
3
3
|
# For APIs, you may want to use :null_session instead.
|
4
4
|
protect_from_forgery with: :exception
|
5
|
+
|
6
|
+
def verify_token
|
7
|
+
if(cookies[:session_token])
|
8
|
+
x = JWT.verify(cookies[:session_token],"secret")
|
9
|
+
redirect_to(root_path) if !x.success
|
10
|
+
@current_user = User.find(x.decoded_token.payload[:user_id])
|
11
|
+
else
|
12
|
+
redirect_to root_path
|
13
|
+
end
|
14
|
+
|
15
|
+
|
16
|
+
|
17
|
+
end
|
18
|
+
|
5
19
|
end
|
@@ -0,0 +1,64 @@
|
|
1
|
+
class UsersController < ApplicationController
|
2
|
+
before_action :verify_token, only: [:index,:show, :edit, :update, :destroy]
|
3
|
+
before_action :set_user, only: [:show, :edit, :update, :destroy]
|
4
|
+
|
5
|
+
|
6
|
+
# GET /users
|
7
|
+
def index
|
8
|
+
@users = User.all
|
9
|
+
end
|
10
|
+
|
11
|
+
# GET /users/1
|
12
|
+
def show
|
13
|
+
end
|
14
|
+
|
15
|
+
# GET /users/new
|
16
|
+
def new
|
17
|
+
@user = User.new
|
18
|
+
end
|
19
|
+
|
20
|
+
def login
|
21
|
+
cookies[:session_token] = JWT.sign({:user_id => 1},"secret",{},{:alg => "HS384"})
|
22
|
+
end
|
23
|
+
|
24
|
+
# GET /users/1/edit
|
25
|
+
def edit
|
26
|
+
end
|
27
|
+
|
28
|
+
# POST /users
|
29
|
+
def create
|
30
|
+
@user = User.new(user_params)
|
31
|
+
|
32
|
+
if @user.save
|
33
|
+
redirect_to @user, notice: 'User was successfully created.'
|
34
|
+
else
|
35
|
+
render :new
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
# PATCH/PUT /users/1
|
40
|
+
def update
|
41
|
+
if @user.update(user_params)
|
42
|
+
redirect_to @user, notice: 'User was successfully updated.'
|
43
|
+
else
|
44
|
+
render :edit
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
# DELETE /users/1
|
49
|
+
def destroy
|
50
|
+
@user.destroy
|
51
|
+
redirect_to users_url, notice: 'User was successfully destroyed.'
|
52
|
+
end
|
53
|
+
|
54
|
+
private
|
55
|
+
# Use callbacks to share common setup or constraints between actions.
|
56
|
+
def set_user
|
57
|
+
@user = @current_user
|
58
|
+
end
|
59
|
+
|
60
|
+
# Only allow a trusted parameter "white list" through.
|
61
|
+
def user_params
|
62
|
+
params.require(:user).permit(:name, :password)
|
63
|
+
end
|
64
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
<%= form_for(@user) do |f| %>
|
2
|
+
<% if @user.errors.any? %>
|
3
|
+
<div id="error_explanation">
|
4
|
+
<h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
|
5
|
+
|
6
|
+
<ul>
|
7
|
+
<% @user.errors.full_messages.each do |message| %>
|
8
|
+
<li><%= message %></li>
|
9
|
+
<% end %>
|
10
|
+
</ul>
|
11
|
+
</div>
|
12
|
+
<% end %>
|
13
|
+
|
14
|
+
<div class="field">
|
15
|
+
<%= f.label :name %><br>
|
16
|
+
<%= f.text_field :name %>
|
17
|
+
</div>
|
18
|
+
<div class="field">
|
19
|
+
<%= f.label :password %><br>
|
20
|
+
<%= f.text_field :password %>
|
21
|
+
</div>
|
22
|
+
<div class="actions">
|
23
|
+
<%= f.submit %>
|
24
|
+
</div>
|
25
|
+
<% end %>
|
@@ -0,0 +1,27 @@
|
|
1
|
+
<h1>Listing users</h1>
|
2
|
+
|
3
|
+
<table>
|
4
|
+
<thead>
|
5
|
+
<tr>
|
6
|
+
<th>Name</th>
|
7
|
+
<th>Password</th>
|
8
|
+
<th colspan="3"></th>
|
9
|
+
</tr>
|
10
|
+
</thead>
|
11
|
+
|
12
|
+
<tbody>
|
13
|
+
<% @users.each do |user| %>
|
14
|
+
<tr>
|
15
|
+
<td><%= user.name %></td>
|
16
|
+
<td><%= user.password %></td>
|
17
|
+
<td><%= link_to 'Show', user %></td>
|
18
|
+
<td><%= link_to 'Edit', edit_user_path(user) %></td>
|
19
|
+
<td><%= link_to 'Destroy', user, method: :delete, data: { confirm: 'Are you sure?' } %></td>
|
20
|
+
</tr>
|
21
|
+
<% end %>
|
22
|
+
</tbody>
|
23
|
+
</table>
|
24
|
+
|
25
|
+
<br>
|
26
|
+
|
27
|
+
<%= link_to 'New User', new_user_path %>
|
@@ -0,0 +1 @@
|
|
1
|
+
<h1>Login</h1>
|
data/test/dummy/config/routes.rb
CHANGED
@@ -1,4 +1,13 @@
|
|
1
1
|
Rails.application.routes.draw do
|
2
|
+
root 'main#index'
|
3
|
+
get 'main/index'
|
4
|
+
|
5
|
+
get 'main/login'
|
6
|
+
|
7
|
+
resources :users
|
8
|
+
|
9
|
+
get '/login' => 'users#login'
|
10
|
+
|
2
11
|
# The priority is based upon order of creation: first created -> highest priority.
|
3
12
|
# See how all your routes lay out with "rake routes".
|
4
13
|
|
Binary file
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
# This file is auto-generated from the current state of the database. Instead
|
3
|
+
# of editing this file, please use the migrations feature of Active Record to
|
4
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
5
|
+
#
|
6
|
+
# Note that this schema.rb definition is the authoritative source for your
|
7
|
+
# database schema. If you need to create the application database on another
|
8
|
+
# system, you should be using db:schema:load, not running all the migrations
|
9
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
10
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
11
|
+
#
|
12
|
+
# It's strongly recommended that you check this file into your version control system.
|
13
|
+
|
14
|
+
ActiveRecord::Schema.define(version: 20140919004039) do
|
15
|
+
|
16
|
+
create_table "users", force: true do |t|
|
17
|
+
t.string "name"
|
18
|
+
t.string "password"
|
19
|
+
t.datetime "created_at"
|
20
|
+
t.datetime "updated_at"
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|