sandal 0.5.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e87dc3dc16b78944fbce50e48565012d79f087f6
-  data.tar.gz: 59b76ed79701856db73f2967da1818063fa58400
+  metadata.gz: b9335b993fe3eba12af0ce2a5f5b548495cb236e
+  data.tar.gz: acc295000fad37701881ec296247358ea5e1527c
 SHA512:
-  metadata.gz: 2ebe5600b88a9026de7b5056b0d26832f259adb47556a5cbe7eb51d07e6ec9eddc08ae289769ce260bf053d424521cb21c4cd394c273bf11d084fab7c2122b3d
-  data.tar.gz: 78a7d2f1a4a13330719adb344534882ee8652dcf26ad3966c3f9532a61682daaddcc409fee36d7e5f008d1c0f5f4b2a9defc2ec9fff44a4f685b65d3c3633c8c
+  metadata.gz: 4946603d929b6f6c063a458fe63d2f8847ecf3b97ef0c8e9fab3ea57119cd2bdee51c070dea1e693778e9a53b90c58a43a6c012cd4d24a59510e5593d0fe40ed
+  data.tar.gz: 62f892126c09d7dd8845be99120230a4858a51d501efef370a8afb2f35569ab1167a252bb655f985c8cf85fccfbc0f4577e3550af67bd852f3631f8770d4d3f5

data/.travis.yml

@@ -1,6 +1,11 @@
 language: ruby
 rvm:
-  - rbx-19mode
-  - jruby-19mode
-  - 1.9.3
+  - 2.1.0
   - 2.0.0
+  - 1.9.3
+  - jruby-19mode
+  - rbx
+matrix:
+  allow_failures:
+    - rvm: rbx
+cache: bundler

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+## 0.5.2 (03 January 2014)
+
+Improvements:
+
+- RSpec assertions now use 3.x syntax (thanks to [@petergoldstein](https://github.com/petergoldstein))
+- MultiJson is now an optional dependency (thanks [@petergoldstein](https://github.com/petergoldstein))
+
+## 0.5.1 (11 June 2013)
+
+Bug fixes:
+
+- Fixed some loading errors when using the library with Sinatra.
+
+Breaking changes:
+
+- Methods on the `Sandal::Util` module are now static rather than being designed to be mixed in.
+
 ## 0.5.0 (07 June 2013)
 
 Features:

data/Gemfile

@@ -1,2 +1,12 @@
-source 'https://rubygems.org'
-gemspec
+source "https://rubygems.org"
+
+platforms :rbx do
+  gem "rubysl", "~> 2.0"
+  gem "rubysl-bundler", "~> 2.0"
+  gem "rubysl-rake", "~> 2.0"
+  gem "rubysl-securerandom", "~> 2.0"
+  gem "rubinius-coverage", "~> 2.0"
+  gem "json"
+end
+
+gemspec

data/README.md

@@ -1,6 +1,8 @@
 # Sandal [![Build Status](https://travis-ci.org/gregbeech/sandal.png?branch=master)](https://travis-ci.org/gregbeech/sandal) [![Coverage Status](https://coveralls.io/repos/gregbeech/sandal/badge.png?branch=master)](https://coveralls.io/r/gregbeech/sandal) [![Code Climate](https://codeclimate.com/github/gregbeech/sandal.png)](https://codeclimate.com/github/gregbeech/sandal) [![Dependency Status](https://gemnasium.com/gregbeech/sandal.png)](https://gemnasium.com/gregbeech/sandal)
 
-A Ruby library for creating and reading [JSON Web Tokens (JWT) draft-08](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-08), supporting [JSON Web Signatures (JWS) draft-11](http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11) and [JSON Web Encryption (JWE) draft-11](http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-11). See the [CHANGELOG](CHANGELOG.md) for version history.
+A Ruby library for creating and reading [JSON Web Tokens (JWT) draft-13](http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-13), supporting [JSON Web Signatures (JWS) draft-18](http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-18) and [JSON Web Encryption (JWE) draft-18](http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-18). See the [CHANGELOG](CHANGELOG.md) for version history.
+
+_Note: Updates have not been forthcoming of late as (a) I've been very busy leading a team to get a major new project off the ground, and (b) there have been no incompatible updates to the specs, just terminology changes. I do have plans for the library such as refactoring into encoder/decoder classes and adding JSON serialisation and JWK support; if you want to help out it would be most welcome._
 
 ## Installation
 

data/lib/sandal.rb

@@ -1,9 +1,9 @@
-require "multi_json"
 require "openssl"
 require "zlib"
 require "sandal/version"
 require "sandal/claims"
 require "sandal/enc"
+require "sandal/json"
 require "sandal/sig"
 require "sandal/util"
 
@@ -107,9 +107,9 @@ module Sandal
     header = {}
     header["alg"] = signer.name
     header = header_fields.merge(header) if header_fields
-    header = MultiJson.dump(header)
+    header = Sandal::Json.dump(header)
 
-    payload = MultiJson.dump(payload) unless payload.is_a?(String)
+    payload = Sandal::Json.dump(payload) unless payload.is_a?(String)
 
     sec_input = [header, payload].map { |p| Sandal::Util.jwt_base64_encode(p) }.join(".")
     signature = signer.sign(sec_input)
@@ -135,7 +135,7 @@ module Sandal
       payload = Zlib::Deflate.deflate(payload, Zlib::BEST_COMPRESSION)
     end 
 
-    encrypter.encrypt(MultiJson.dump(header), payload)
+    encrypter.encrypt(Sandal::Json.dump(header), payload)
   end
 
   # Decodes and validates a signed and/or encrypted JSON Web Token, recursing into any nested tokens, and returns the 
@@ -177,7 +177,7 @@ module Sandal
       end
     end
 
-    if header["cty"] == "JWT"
+    if header.has_key?("cty") && header["cty"] =~ /\AJWT\Z/i
       if depth > 0
         if block_given?
           decode_token(payload, depth - 1, &Proc.new)
@@ -206,7 +206,7 @@ module Sandal
   # Decodes the parts of a token.
   def self.decode_token_parts(parts)
     parts = parts.map { |part| Sandal::Util.jwt_base64_decode(part) }
-    parts[0] = MultiJson.load(parts[0])
+    parts[0] = Sandal::Json.load(parts[0])
     parts
   rescue
     raise TokenError, "Invalid token encoding."
@@ -214,7 +214,7 @@ module Sandal
 
   # Parses the content of a token and validates the claims if is JSON claims.
   def self.parse_and_validate(payload, options)
-    claims = MultiJson.load(payload) rescue nil
+    claims = Sandal::Json.load(payload) rescue nil
     if claims
       claims.extend(Sandal::Claims).validate_claims(options)
     else

data/lib/sandal/claims.rb

@@ -85,7 +85,7 @@ module Sandal
         begin
           Time.at(claim)
         rescue
-          raise Sandal::ClaimError, "The "#{name}" claim is invalid."
+          raise Sandal::ClaimError, "The \"#{name}\" claim is invalid."
         end
       end
     end

data/lib/sandal/json.rb

@@ -0,0 +1,43 @@
+module Sandal
+  # Contains JSON encode and decode functionality.
+  module Json
+    if !defined?(MultiJson)
+      require 'json'
+
+      # Decode a JSON string into Ruby.  This version delegates to the included JSON engine.
+      #
+      # @param encoded [String] The JSON string representation of the object.
+      # @return The decoded Ruby object.
+      def self.load(encoded)
+        JSON.parse(encoded)
+      end
+
+      # Encodes a Ruby object as JSON.  This version delegates to the included JSON engine.
+      #
+      # @param raw The Ruby object to be encoded
+      # @return [String] The JSON string representation of the object.
+      def self.dump(raw)
+        JSON.generate(raw)
+      end
+
+    else
+      require 'multi_json'
+
+      # Decode a JSON string into Ruby.  This version delegates to MultiJson.
+      #
+      # @param encoded [String] The JSON string representation of the object.
+      # @return The decoded Ruby object.
+      def self.load(encoded)
+        MultiJson.load(encoded)
+      end
+
+      # Encodes a Ruby object as JSON.  This version delegates to MultiJson.
+      #
+      # @param raw The Ruby object to be encoded
+      # @return [String] The JSON string representation of the object.
+      def self.dump(raw)
+        MultiJson.dump(raw)
+      end
+    end
+  end
+end

data/lib/sandal/version.rb

@@ -1,4 +1,4 @@
 module Sandal
   # The semantic version of the library.
-  VERSION = "0.5.1"
+  VERSION = "0.5.2"
 end

data/sandal.gemspec

@@ -17,7 +17,6 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
   s.extra_rdoc_files = ["README.md", "LICENSE.md", "CHANGELOG.md"]
 
-  s.add_runtime_dependency "multi_json", "~> 1.7"
   s.add_runtime_dependency "jruby-openssl", "~> 0.7", ">= 0.7.3" if RUBY_PLATFORM == "java"
 
   s.add_development_dependency "bundler", ">= 1.3"

data/spec/sandal/claims_spec.rb

@@ -7,38 +7,38 @@ describe Sandal::Claims do
     it 'calls #validate_aud when valid audiences are provided' do
       claims = { 'aud' => 'example.org' }.extend(Sandal::Claims)
       valid_aud = %w(example.org)
-      claims.should_receive(:validate_aud).with(valid_aud)
+      expect(claims).to receive(:validate_aud).with(valid_aud)
       claims.validate_claims(valid_aud: valid_aud)
     end
 
     it 'calls #validate_exp by default' do
       claims = {}.extend(Sandal::Claims)
-      claims.should_receive(:validate_exp)
+      expect(claims).to receive(:validate_exp)
       claims.validate_claims
     end
 
     it 'does not call #validate_exp when the :ignore_exp option is set' do
       claims = {}.extend(Sandal::Claims)
-      claims.should_not_receive(:validate_exp)
+      expect(claims).not_to receive(:validate_exp)
       claims.validate_claims(ignore_exp: true)
     end
 
     it 'calls #validate_iss when valid issuers are provided' do
       claims = { 'iss' => 'example.org' }.extend(Sandal::Claims)
       valid_iss = %w(example.org)
-      claims.should_receive(:validate_iss).with(valid_iss)
+      expect(claims).to receive(:validate_iss).with(valid_iss)
       claims.validate_claims(valid_iss: valid_iss)
     end
 
     it 'calls #validate_nbf by default' do
       claims = {}.extend(Sandal::Claims)
-      claims.should_receive(:validate_nbf)
+      expect(claims).to receive(:validate_nbf)
       claims.validate_claims
     end
 
     it 'does not call #validate_nbf when the :ignore_nbf option is set' do
       claims = {}.extend(Sandal::Claims)
-      claims.should_not_receive(:validate_nbf)
+      expect(claims).not_to receive(:validate_nbf)
       claims.validate_claims(ignore_nbf: true)
     end
 

data/spec/sandal/enc/a128cbc_hs256_spec.rb

@@ -9,7 +9,7 @@ describe Sandal::Enc::A128CBC_HS256 do
   context "#name" do
     it "is 'A128CBC-HS256'" do
       enc = Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::Direct.new("a cmk"))
-      enc.name.should == "A128CBC-HS256"
+      expect(enc.name).to eq("A128CBC-HS256")
     end
   end
 
@@ -17,7 +17,7 @@ describe Sandal::Enc::A128CBC_HS256 do
     it "can decrypt the example token from JWE draft-11 appendix 2", :jruby_incompatible do
       token="eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7PcHALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIFNPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv-B3oWh2TbqmScqXMR4gp_A.AxY8DCtDaGlsbGljb3RoZQ.KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.9hH0vgRfYgPnAHOd8stkvw"
       enc = Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::RSA1_5.new(SampleKeys.jwe_draft11_appendix2_rsa))
-      enc.decrypt(token).should == "Live long and prosper."
+      expect(enc.decrypt(token)).to eq("Live long and prosper.")
     end
   end
 

data/spec/sandal/enc/a128gcm_spec.rb

@@ -11,7 +11,7 @@ describe Sandal::Enc::A128GCM do
   context "#name" do
     it "is 'A128GCM'" do
       enc = Sandal::Enc::A128GCM.new(Sandal::Enc::Alg::Direct.new("a cmk"))
-      enc.name.should == "A128GCM"
+      expect(enc.name).to eq("A128GCM")
     end
   end
 

data/spec/sandal/enc/a256cbc_hs512_spec.rb

@@ -11,7 +11,7 @@ describe Sandal::Enc::A256CBC_HS512 do
   context "#name" do
     it "is 'A256CBC-HS512'" do
       enc = Sandal::Enc::A256CBC_HS512.new(Sandal::Enc::Alg::Direct.new("a cmk"))
-      enc.name.should == "A256CBC-HS512"
+      expect(enc.name).to eq("A256CBC-HS512")
     end
   end
 

data/spec/sandal/enc/a256gcm_spec.rb

@@ -12,7 +12,7 @@ describe Sandal::Enc::A256GCM do
 
     it "is 'A256GCM'" do
       enc = Sandal::Enc::A256GCM.new(Sandal::Enc::Alg::Direct.new("a cmk"))
-      enc.name.should == "A256GCM"
+      expect(enc.name).to eq("A256GCM")
     end
 
   end
@@ -21,7 +21,7 @@ describe Sandal::Enc::A256GCM do
     it "can decrypt the example token from JWE draft-11 appendix 1", :jruby_incompatible do
       token = "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ"
       enc = Sandal::Enc::A256GCM.new(Sandal::Enc::Alg::RSA_OAEP.new(SampleKeys.jwe_draft11_appendix1_rsa))
-      enc.decrypt(token).should == "The true sign of intelligence is not knowledge but imagination."
+      expect(enc.decrypt(token)).to eq("The true sign of intelligence is not knowledge but imagination.")
     end
   end
 

data/spec/sandal/enc/alg/direct_spec.rb

@@ -6,7 +6,7 @@ describe Sandal::Enc::Alg::Direct do
   context "#name" do
     it "is 'dir'" do
       alg = Sandal::Enc::Alg::Direct.new("some key")
-      alg.name.should == "dir"
+      expect(alg.name).to eq("dir")
     end
   end
 
@@ -14,14 +14,14 @@ describe Sandal::Enc::Alg::Direct do
     it "returns the pre-shared key" do
       key = "the pre-shared key"
       alg = Sandal::Enc::Alg::Direct.new(key)
-      alg.preshared_key.should == key
+      expect(alg.preshared_key).to eq(key)
     end
   end
 
   context "#encrypt_key" do
     it "returns an empty string" do
       alg = Sandal::Enc::Alg::Direct.new("the real key")
-      alg.encrypt_key("any value").should == ""
+      expect(alg.encrypt_key("any value")).to eq("")
     end
   end
 
@@ -30,13 +30,13 @@ describe Sandal::Enc::Alg::Direct do
     it "returns the pre-shared content key when the value to decrypt is nil" do
       key = "a pre-shared key"
       alg = Sandal::Enc::Alg::Direct.new(key)
-      alg.decrypt_key(nil).should == key
+      expect(alg.decrypt_key(nil)).to eq(key)
     end
 
     it "returns the pre-shared content key when the value to decrypt is empty" do
       key = "my pre-shared key"
       alg = Sandal::Enc::Alg::Direct.new(key)
-      alg.decrypt_key("").should == key
+      expect(alg.decrypt_key("")).to eq(key)
     end
 
     it "raises an InvalidTokenError if the value to decrypt is not nil or empty" do

data/spec/sandal/enc/alg/rsa_spec.rb

@@ -8,7 +8,7 @@ shared_examples "encryption and decryption" do |enc_class|
     encrypter = enc_class.new(key.public_key)
     decrypter = enc_class.new(key)
     key = "an encryption key"
-    decrypter.decrypt_key(encrypter.encrypt_key(key)).should == key
+    expect(decrypter.decrypt_key(encrypter.encrypt_key(key))).to eq(key)
   end
 
   it "can use DER-encoded keys to encrypt and decrypt a content master key" do
@@ -16,7 +16,7 @@ shared_examples "encryption and decryption" do |enc_class|
     encrypter = enc_class.new(key.public_key.to_der)
     decrypter = enc_class.new(key.to_der)
     key = "an encryption key"
-    decrypter.decrypt_key(encrypter.encrypt_key(key)).should == key
+    expect(decrypter.decrypt_key(encrypter.encrypt_key(key))).to eq(key)
   end
 
   it "can use PEM-encoded keys to encrypt and decrypt a content master key" do
@@ -24,7 +24,7 @@ shared_examples "encryption and decryption" do |enc_class|
     encrypter = enc_class.new(key.public_key.to_pem)
     decrypter = enc_class.new(key.to_pem)
     key = "an encryption key"
-    decrypter.decrypt_key(encrypter.encrypt_key(key)).should == key
+    expect(decrypter.decrypt_key(encrypter.encrypt_key(key))).to eq(key)
   end
 
   context "#decrypt_key" do
@@ -61,7 +61,7 @@ describe Sandal::Enc::Alg::RSA1_5 do
   context "#name" do
     it "is 'RSA1_5'" do
       alg = Sandal::Enc::Alg::RSA1_5.new(OpenSSL::PKey::RSA.new(2048))
-      alg.name.should == "RSA1_5"
+      expect(alg.name).to eq("RSA1_5")
     end
   end
 
@@ -70,19 +70,19 @@ describe Sandal::Enc::Alg::RSA1_5 do
       key = [4, 211, 31, 197, 84, 157, 252, 254, 11, 100, 157, 250, 63, 170, 106, 206, 107, 124, 212, 45, 111, 107, 9, 219, 200, 177, 0, 240, 143, 156, 44, 207].pack("C*")
       encrypted_key = [80, 104, 72, 58, 11, 130, 236, 139, 132, 189, 255, 205, 61, 86, 151, 176, 99, 40, 44, 233, 176, 189, 205, 70, 202, 169, 72, 40, 226, 181, 156, 223, 120, 156, 115, 232, 150, 209, 145, 133, 104, 112, 237, 156, 116, 250, 65, 102, 212, 210, 103, 240, 177, 61, 93, 40, 71, 231, 223, 226, 240, 157, 15, 31, 150, 89, 200, 215, 198, 203, 108, 70, 117, 66, 212, 238, 193, 205, 23, 161, 169, 218, 243, 203, 128, 214, 127, 253, 215, 139, 43, 17, 135, 103, 179, 220, 28, 2, 212, 206, 131, 158, 128, 66, 62, 240, 78, 186, 141, 125, 132, 227, 60, 137, 43, 31, 152, 199, 54, 72, 34, 212, 115, 11, 152, 101, 70, 42, 219, 233, 142, 66, 151, 250, 126, 146, 141, 216, 190, 73, 50, 177, 146, 5, 52, 247, 28, 197, 21, 59, 170, 247, 181, 89, 131, 241, 169, 182, 246, 99, 15, 36, 102, 166, 182, 172, 197, 136, 230, 120, 60, 58, 219, 243, 149, 94, 222, 150, 154, 194, 110, 227, 225, 112, 39, 89, 233, 112, 207, 211, 241, 124, 174, 69, 221, 179, 107, 196, 225, 127, 167, 112, 226, 12, 242, 16, 24, 28, 120, 182, 244, 213, 244, 153, 194, 162, 69, 160, 244, 248, 63, 165, 141, 4, 207, 249, 193, 79, 131, 0, 169, 233, 127, 167, 101, 151, 125, 56, 112, 111, 248, 29, 232, 90, 29, 147, 110, 169, 146, 114, 165, 204, 71, 136, 41, 252].pack("C*")
       alg = Sandal::Enc::Alg::RSA1_5.new(SampleKeys.jwe_draft11_appendix2_rsa)
-      alg.decrypt_key(encrypted_key).should == key
+      expect(alg.decrypt_key(encrypted_key)).to eq(key)
     end
   end
 
 end
 
-describe Sandal::Enc::Alg::RSA_OAEP do 
-  include_examples "encryption and decryption", Sandal::Enc::Alg::RSA_OAEP 
+describe Sandal::Enc::Alg::RSA_OAEP do
+  include_examples "encryption and decryption", Sandal::Enc::Alg::RSA_OAEP
 
   context "#name" do
     it "is 'RSA-OAEP'" do
       alg = Sandal::Enc::Alg::RSA_OAEP.new(OpenSSL::PKey::RSA.new(2048))
-      alg.name.should == "RSA-OAEP"
+      expect(alg.name).to eq("RSA-OAEP")
     end
   end
 
@@ -91,7 +91,7 @@ describe Sandal::Enc::Alg::RSA_OAEP do
       key = [177, 161, 244, 128, 84, 143, 225, 115, 63, 180, 3, 255, 107, 154, 212, 246, 138, 7, 110, 91, 112, 46, 34, 105, 47, 130, 203, 46, 122, 234, 64, 252].pack("C*")
       encrypted_key = [56, 163, 154, 192, 58, 53, 222, 4, 105, 218, 136, 218, 29, 94, 203, 22, 150, 92, 129, 94, 211, 232, 53, 89, 41, 60, 138, 56, 196, 216, 82, 98, 168, 76, 37, 73, 70, 7, 36, 8, 191, 100, 136, 196, 244, 220, 145, 158, 138, 155, 4, 117, 141, 230, 199, 247, 173, 45, 182, 214, 74, 177, 107, 211, 153, 11, 205, 196, 171, 226, 162, 128, 171, 182, 13, 237, 239, 99, 193, 4, 91, 219, 121, 223, 107, 167, 61, 119, 228, 173, 156, 137, 134, 200, 80, 219, 74, 253, 56, 185, 91, 177, 34, 158, 89, 154, 205, 96, 55, 18, 138, 43, 96, 218, 215, 128, 124, 75, 138, 243, 85, 25, 109, 117, 140, 26, 155, 249, 67, 167, 149, 231, 100, 6, 41, 65, 214, 251, 232, 87, 72, 40, 182, 149, 154, 168, 31, 193, 126, 215, 89, 28, 111, 219, 125, 182, 139, 235, 195, 197, 23, 234, 55, 58, 63, 180, 68, 202, 206, 149, 75, 205, 248, 176, 67, 39, 178, 60, 98, 193, 32, 238, 122, 96, 158, 222, 57, 183, 111, 210, 55, 188, 215, 206, 180, 166, 150, 166, 106, 250, 55, 229, 72, 40, 69, 214, 216, 104, 23, 40, 135, 212, 28, 127, 41, 80, 175, 174, 168, 115, 171, 197, 89, 116, 92, 103, 246, 83, 216, 182, 176, 84, 37, 147, 35, 45, 219, 172, 99, 226, 233, 73, 37, 124, 42, 72, 49, 242, 35, 127, 184, 134, 117, 114, 135, 206].pack("C*")
       alg = Sandal::Enc::Alg::RSA_OAEP.new(SampleKeys.jwe_draft11_appendix1_rsa)
-      alg.decrypt_key(encrypted_key).should == key
+      expect(alg.decrypt_key(encrypted_key)).to eq(key)
     end
   end
 

data/spec/sandal/enc/shared_examples.rb

@@ -9,7 +9,7 @@ shared_examples "algorithm compatibility" do |enc_class|
     enc = enc_class.new(Sandal::Enc::Alg::Direct.new(content_encryption_key))
     token = enc.encrypt("", payload)
     output = enc.decrypt(token)
-    output.should == payload
+    expect(output).to eq(payload)
   end
 
   it "can encrypt and decrypt tokens with the RSA1_5 algorithm" do
@@ -19,7 +19,7 @@ shared_examples "algorithm compatibility" do |enc_class|
     token = encrypter.encrypt("", payload)
     decrypter = enc_class.new(Sandal::Enc::Alg::RSA1_5.new(rsa))
     output = decrypter.decrypt(token)
-    output.should == payload
+    expect(output).to eq(payload)
   end
 
   it "can encrypt and decrypt tokens with the RSA-OAEP algorithm" do
@@ -29,7 +29,7 @@ shared_examples "algorithm compatibility" do |enc_class|
     token = encrypter.encrypt("", payload)
     decrypter = enc_class.new(Sandal::Enc::Alg::RSA_OAEP.new(rsa))
     output = decrypter.decrypt(token)
-    output.should == payload
+    expect(output).to eq(payload)
   end
 
 end

data/spec/sandal/sig/es_spec.rb

@@ -16,44 +16,44 @@ shared_examples "signing and validation" do |enc_class|
 
   it "can sign data and validate signatures" do
     data = "some data to sign"
-    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
     private_key = OpenSSL::PKey::EC.new(group).generate_key
     signer = enc_class.new(private_key)
     signature = signer.sign(data)
     public_key = OpenSSL::PKey::EC.new(group)
     public_key.public_key = private_key.public_key
     validator = enc_class.new(public_key)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   it "can use DER-encoded keys to sign data and validate signatures" do
     data = "some data to sign"
-    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
     private_key = OpenSSL::PKey::EC.new(group).generate_key
     signer = enc_class.new(private_key.to_der)
     signature = signer.sign(data)
     public_key = OpenSSL::PKey::EC.new(group)
     public_key.public_key = private_key.public_key
     validator = enc_class.new(public_key.to_der)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   it "can use PEM-encoded keys to sign data and validate signatures" do
     data = "some data to sign"
-    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+    group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
     private_key = OpenSSL::PKey::EC.new(group).generate_key
     signer = enc_class.new(private_key.to_pem)
     signature = signer.sign(data)
     public_key = OpenSSL::PKey::EC.new(group)
     public_key.public_key = private_key.public_key
     validator = enc_class.new(public_key.to_pem)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   context "#initialize" do
 
     it "raises an argument error if the key has the wrong curve" do
-      group = OpenSSL::PKey::EC::Group.new("secp224k1") 
+      group = OpenSSL::PKey::EC::Group.new("secp224k1")
       private_key = OpenSSL::PKey::EC.new(group).generate_key
       expect { enc_class.new(private_key) }.to raise_error ArgumentError
     end
@@ -62,39 +62,39 @@ shared_examples "signing and validation" do |enc_class|
 
   context "#valid?" do
 
-    it "fails to validate the signature when the key is changed" do 
+    it "fails to validate the signature when the key is changed" do
       data = "some data to sign"
-      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
       private_key = OpenSSL::PKey::EC.new(group).generate_key
       signer = enc_class.new(private_key)
       signature = signer.sign(data)
       public_key = OpenSSL::PKey::EC.new(group).generate_key
       validator = enc_class.new(public_key)
-      validator.valid?(signature, data).should == false
+      expect(validator.valid?(signature, data)).to eq(false)
     end
 
-    it "fails to validate the signature when the signature is changed" do 
+    it "fails to validate the signature when the signature is changed" do
       data = "some data to sign"
-      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
       private_key = OpenSSL::PKey::EC.new(group).generate_key
       signer = enc_class.new(private_key)
       signature = signer.sign(data)
       public_key = OpenSSL::PKey::EC.new(group)
       public_key.public_key = private_key.public_key
       validator = enc_class.new(public_key)
-      validator.valid?(signature + "x", data).should == false
+      expect(validator.valid?(signature + "x", data)).to eq(false)
     end
 
-    it "fails to validate the signature when the data is changed" do 
+    it "fails to validate the signature when the data is changed" do
       data = "some data to sign"
-      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME) 
+      group = OpenSSL::PKey::EC::Group.new(enc_class::CURVE_NAME)
       private_key = OpenSSL::PKey::EC.new(group).generate_key
       signer = enc_class.new(private_key)
       signature = signer.sign(data)
       public_key = OpenSSL::PKey::EC.new(group)
       public_key.public_key = private_key.public_key
       validator = enc_class.new(public_key)
-      validator.valid?(signature, data + "x").should == false
+      expect(validator.valid?(signature, data + "x")).to eq(false)
     end
 
   end
@@ -110,7 +110,7 @@ describe Sandal::Sig::ES do
       s = make_bn([197, 10, 7, 211, 140, 60, 112, 229, 216, 241, 45, 175, 8, 74, 84, 128, 166, 101, 144, 197, 242, 147, 80, 154, 143, 63, 127, 138, 131, 163, 84, 213])
       signature = Sandal::Sig::ES.encode_jws_signature(r, s, 256)
       base64_signature = Sandal::Util.jwt_base64_encode(signature)
-      base64_signature.should == "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q"
+      expect(base64_signature).to eq("DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q")
     end
 
     it "can encode the signature in JWS draft-11 appendix 4" do
@@ -118,7 +118,7 @@ describe Sandal::Sig::ES do
       s = make_bn([0, 111, 6, 105, 44, 5, 41, 208, 128, 61, 152, 40, 92, 61, 152, 4, 150, 66, 60, 69, 247, 196, 170, 81, 193, 199, 78, 59, 194, 169, 16, 124, 9, 143, 42, 142, 131, 48, 206, 238, 34, 175, 83, 203, 220, 159, 3, 107, 155, 22, 27, 73, 111, 68, 68, 21, 238, 144, 229, 232, 148, 188, 222, 59, 242, 103])
       signature = Sandal::Sig::ES.encode_jws_signature(r, s, 521)
       base64_signature = Sandal::Util.jwt_base64_encode(signature)
-      base64_signature.should == "AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZqwqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8KpEHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn"
+      expect(base64_signature).to eq("AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZqwqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8KpEHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn")
     end
 
   end
@@ -131,7 +131,7 @@ describe Sandal::Sig::ES256 do
   context "#name" do
     it "is 'ES256'" do
       enc = Sandal::Sig::ES256.new(OpenSSL::PKey::EC.new("prime256v1").generate_key)
-      enc.name.should == "ES256"
+      expect(enc.name).to eq("ES256")
     end
   end
 
@@ -144,11 +144,11 @@ describe Sandal::Sig::ES256 do
       data = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
       signature = Sandal::Util.jwt_base64_decode("DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q")
 
-      group = OpenSSL::PKey::EC::Group.new("prime256v1") 
+      group = OpenSSL::PKey::EC::Group.new("prime256v1")
       public_key = OpenSSL::PKey::EC.new(group)
       public_key.public_key = make_point(group, x, y)
       validator = Sandal::Sig::ES256.new(public_key)
-      validator.valid?(signature, data).should == true
+      expect(validator.valid?(signature, data)).to eq(true)
     end
 
   end
@@ -161,7 +161,7 @@ describe Sandal::Sig::ES384 do
   context "#name" do
     it "is 'ES384'" do
       enc = Sandal::Sig::ES384.new(OpenSSL::PKey::EC.new("secp384r1").generate_key)
-      enc.name.should == "ES384"
+      expect(enc.name).to eq("ES384")
     end
   end
 
@@ -173,7 +173,7 @@ describe Sandal::Sig::ES512 do
   context "#name" do
     it "is 'ES512'" do
       enc = Sandal::Sig::ES512.new(OpenSSL::PKey::EC.new("secp521r1").generate_key)
-      enc.name.should == "ES512"
+      expect(enc.name).to eq("ES512")
     end
   end
 
@@ -186,11 +186,11 @@ describe Sandal::Sig::ES512 do
       data = "eyJhbGciOiJFUzUxMiJ9.UGF5bG9hZA"
       signature = Sandal::Util.jwt_base64_decode("AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZqwqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8KpEHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn")
 
-      group = OpenSSL::PKey::EC::Group.new("secp521r1") 
+      group = OpenSSL::PKey::EC::Group.new("secp521r1")
       public_key = OpenSSL::PKey::EC.new(group)
       public_key.public_key = make_point(group, x, y)
       validator = Sandal::Sig::ES512.new(public_key)
-      validator.valid?(signature, data).should == true
+      expect(validator.valid?(signature, data)).to eq(true)
     end
 
   end

data/spec/sandal/sig/hs_spec.rb

@@ -8,7 +8,7 @@ shared_examples "signing and validation" do |enc_class|
     key = "A secret key"
     signer = enc_class.new(key)
     signature = signer.sign(data)
-    signer.valid?(signature, data).should == true
+    expect(signer.valid?(signature, data)).to eq(true)
   end
 
   context "#valid?" do
@@ -19,7 +19,7 @@ shared_examples "signing and validation" do |enc_class|
       signer = enc_class.new(key)
       signature = signer.sign(data)
       verifier = enc_class.new(key + "x")
-      verifier.valid?(signature, data).should == false
+      expect(verifier.valid?(signature, data)).to eq(false)
     end
 
     it "fails to validate the signature when the signature is changed" do
@@ -27,7 +27,7 @@ shared_examples "signing and validation" do |enc_class|
       key = "Another secret key"
       signer = enc_class.new(key)
       signature = signer.sign(data)
-      signer.valid?(signature + "x", data).should == false
+      expect(signer.valid?(signature + "x", data)).to eq(false)
     end
 
     it "fails to validate the signature when the data is changed" do
@@ -35,7 +35,7 @@ shared_examples "signing and validation" do |enc_class|
       key = "Another secret key"
       signer = enc_class.new(key)
       signature = signer.sign(data)
-      signer.valid?(signature, data + "x").should == false
+      expect(signer.valid?(signature, data + "x")).to eq(false)
     end
 
   end
@@ -48,7 +48,7 @@ describe Sandal::Sig::HS256 do
   context "#name" do
     it "is 'HS256'" do
       enc = Sandal::Sig::HS256.new("any old key")
-      enc.name.should == "HS256"
+      expect(enc.name).to eq("HS256")
     end
   end
 
@@ -57,7 +57,7 @@ describe Sandal::Sig::HS256 do
     key = [3, 35, 53, 75, 43, 15, 165, 188, 131, 126, 6, 101, 119, 123, 166, 143, 90, 179, 40, 230, 240, 84, 201, 40, 169, 15, 132, 178, 210, 80, 46, 191, 211, 251, 90, 146, 210, 6, 71, 239, 150, 138, 180, 195, 119, 98, 61, 34, 61, 46, 33, 114, 5, 46, 79, 8, 192, 205, 154, 245, 103, 208, 128, 163].pack("C*")
     signer = Sandal::Sig::HS256.new(key)
     signature = [116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173, 187, 186, 22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83, 132, 141, 121].pack("C*") 
-    signer.valid?(signature, data).should == true
+    expect(signer.valid?(signature, data)).to eq(true)
   end
 
 end
@@ -68,7 +68,7 @@ describe Sandal::Sig::HS384 do
   context "#name" do
     it "is 'HS384'" do
       enc = Sandal::Sig::HS384.new("any old key")
-      enc.name.should == "HS384"
+      expect(enc.name).to eq("HS384")
     end
   end
 
@@ -80,7 +80,7 @@ describe Sandal::Sig::HS512 do
   context "#name" do
     it "is 'HS512'" do
       enc = Sandal::Sig::HS512.new("any old key")
-      enc.name.should == "HS512"
+      expect(enc.name).to eq("HS512")
     end
   end
   

data/spec/sandal/sig/rs_spec.rb

@@ -9,7 +9,7 @@ shared_examples "signing and validation" do |enc_class|
     signer = enc_class.new(private_key)
     signature = signer.sign(data)
     validator = enc_class.new(private_key.public_key)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   it "can use DER-encoded keys to sign data and validate signatures" do
@@ -18,7 +18,7 @@ shared_examples "signing and validation" do |enc_class|
     signer = enc_class.new(private_key.to_der)
     signature = signer.sign(data)
     validator = enc_class.new(private_key.public_key.to_der)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   it "can use PEM-encoded keys to sign data and validate signatures" do
@@ -27,7 +27,7 @@ shared_examples "signing and validation" do |enc_class|
     signer = enc_class.new(private_key.to_pem)
     signature = signer.sign(data)
     validator = enc_class.new(private_key.public_key.to_pem)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end
 
   context "#valid?" do
@@ -37,7 +37,7 @@ shared_examples "signing and validation" do |enc_class|
       signer = enc_class.new(OpenSSL::PKey::RSA.generate(2048))
       signature = signer.sign(data)
       validator = enc_class.new(OpenSSL::PKey::RSA.generate(2048).public_key)
-      validator.valid?(signature, data).should == false
+      expect(validator.valid?(signature, data)).to eq(false)
     end
 
     it "fails to validate the signature when the signature is changed" do
@@ -46,7 +46,7 @@ shared_examples "signing and validation" do |enc_class|
       signer = enc_class.new(private_key)
       signature = signer.sign(data)
       validator = enc_class.new(private_key.public_key)
-      validator.valid?(signature + "x", data).should == false
+      expect(validator.valid?(signature + "x", data)).to eq(false)
     end
 
     it "fails to validate the signature when the data is changed" do
@@ -55,7 +55,7 @@ shared_examples "signing and validation" do |enc_class|
       signer = enc_class.new(private_key)
       signature = signer.sign(data)
       validator = enc_class.new(private_key.public_key)
-      validator.valid?(signature, data + "x").should == false
+      expect(validator.valid?(signature, data + "x")).to eq(false)
     end
 
   end
@@ -72,13 +72,13 @@ describe Sandal::Sig::RS256 do
     signer = Sandal::Sig::RS384.new(private_key)
     signature = signer.sign(data)
     validator = Sandal::Sig::RS384.new(private_key.public_key)
-    validator.valid?(signature, data).should == true
+    expect(validator.valid?(signature, data)).to eq(true)
   end 
 
   context "#name" do
     it "is 'RS256'" do
       enc = Sandal::Sig::RS256.new(OpenSSL::PKey::RSA.generate(2048))
-      enc.name.should == "RS256"
+      expect(enc.name).to eq("RS256")
     end
   end
 
@@ -90,7 +90,7 @@ describe Sandal::Sig::RS384 do
   context "#name" do
     it "is 'RS384'" do
       enc = Sandal::Sig::RS384.new(OpenSSL::PKey::RSA.generate(2048))
-      enc.name.should == "RS384"
+      expect(enc.name).to eq("RS384")
     end
   end
 
@@ -102,7 +102,7 @@ describe Sandal::Sig::RS512 do
   context "#name" do
     it "is 'RS512'" do
       enc = Sandal::Sig::RS512.new(OpenSSL::PKey::RSA.generate(2048))
-      enc.name.should == "RS512"
+      expect(enc.name).to eq("RS512")
     end
   end
   

data/spec/sandal/util_spec.rb

@@ -9,7 +9,7 @@ describe Sandal::Util do
     it 'decodes base64 as per JWT example 6.1' do
       encoded = 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ'
       val = Sandal::Util.jwt_base64_decode(encoded)
-      val.should == %!{"iss":"joe",\r\n "exp":1300819380,\r\n "http://example.com/is_root":true}!
+      expect(val).to eq(%!{"iss":"joe",\r\n "exp":1300819380,\r\n "http://example.com/is_root":true}!)
     end
 
     it 'raises an ArgumentError if base64 strings contain padding' do
@@ -27,7 +27,7 @@ describe Sandal::Util do
     it 'encodes base64 as per JWT example 6.1' do
       src =  %!{"iss":"joe",\r\n "exp":1300819380,\r\n "http://example.com/is_root":true}!
       encoded = Sandal::Util.jwt_base64_encode(src)
-      encoded.should == 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ'
+      expect(encoded).to eq('eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ')
     end
 
   end
@@ -35,31 +35,31 @@ describe Sandal::Util do
   context '#jwt_strings_equal?' do
 
     it 'compares nil strings as equal' do
-      Sandal::Util.jwt_strings_equal?(nil, nil).should == true
+      expect(Sandal::Util.jwt_strings_equal?(nil, nil)).to eq(true)
     end
 
     it 'compares empty strings as equal' do
-      Sandal::Util.jwt_strings_equal?('', '').should == true
+      expect(Sandal::Util.jwt_strings_equal?('', '')).to eq(true)
     end
 
     it 'compares nil strings as unequal to empty strings' do
-      Sandal::Util.jwt_strings_equal?(nil, '').should == false
-      Sandal::Util.jwt_strings_equal?('', nil).should == false
+      expect(Sandal::Util.jwt_strings_equal?(nil, '')).to eq(false)
+      expect(Sandal::Util.jwt_strings_equal?('', nil)).to eq(false)
     end
 
     it 'compares equal strings as equal' do
-      Sandal::Util.jwt_strings_equal?('hello', 'hello').should == true
-      Sandal::Util.jwt_strings_equal?('a longer string', 'a longer string').should == true
+      expect(Sandal::Util.jwt_strings_equal?('hello', 'hello')).to eq(true)
+      expect(Sandal::Util.jwt_strings_equal?('a longer string', 'a longer string')).to eq(true)
     end
 
     it 'compares unequal strings as unequal' do
-      Sandal::Util.jwt_strings_equal?('hello', 'world').should == false
-      Sandal::Util.jwt_strings_equal?('a longer string', 'a different longer string').should == false
+      expect(Sandal::Util.jwt_strings_equal?('hello', 'world')).to eq(false)
+      expect(Sandal::Util.jwt_strings_equal?('a longer string', 'a different longer string')).to eq(false)
     end
 
     it 'compares strings without short-circuiting', :timing_dependent do
       measure_equals = -> a, b do
-        Benchmark.realtime { 100.times { Sandal::Util.jwt_strings_equal?(a, b) } } 
+        Benchmark.realtime { 100.times { Sandal::Util.jwt_strings_equal?(a, b) } }
       end
       ref = 'a' * 10000
       cmp1 = ('a' * 9999) + 'b'
@@ -67,7 +67,7 @@ describe Sandal::Util do
       t1 = measure_equals.(ref, cmp1)
       t2 = measure_equals.(ref, cmp2)
       range = (t1 - t1/20.0)..(t1 + t1/20.0)
-      range.should === t2
+      expect(range).to be === t2
     end
 
   end

data/spec/sandal_spec.rb

@@ -1,6 +1,5 @@
 require 'helper'
 require 'openssl'
-require 'multi_json'
 
 describe Sandal do
 
@@ -11,23 +10,23 @@ describe Sandal do
       private_key = OpenSSL::PKey::RSA.new(2048)
       encrypter = Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::RSA1_5.new(private_key.public_key))
       token = Sandal.encrypt_token(payload, encrypter, { 'zip' => 'DEF' })
-      decoded_payload = Sandal.decode_token(token) do |header| 
+      decoded_payload = Sandal.decode_token(token) do |header|
         Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::RSA1_5.new(private_key))
       end
-      decoded_payload.should == payload
+      expect(decoded_payload).to eq(payload)
     end
 
     it 'raises an ArgumentError if the zip parameter is present and nil' do
       encrypter = Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::RSA1_5.new(OpenSSL::PKey::RSA.new(2048)))
-      expect { 
-        Sandal.encrypt_token('any payload', encrypter, { 'zip' => nil }) 
+      expect {
+        Sandal.encrypt_token('any payload', encrypter, { 'zip' => nil })
       }.to raise_error ArgumentError, 'Invalid zip algorithm.'
     end
 
     it 'raises an ArgumentError if the zip parameter is present and not "DEF"' do
       encrypter = Sandal::Enc::A128CBC_HS256.new(Sandal::Enc::Alg::RSA1_5.new(OpenSSL::PKey::RSA.new(2048)))
-      expect { 
-        Sandal.encrypt_token('any payload', encrypter, { 'zip' => 'INVALID' }) 
+      expect {
+        Sandal.encrypt_token('any payload', encrypter, { 'zip' => 'INVALID' })
       }.to raise_error ArgumentError, 'Invalid zip algorithm.'
     end
 
@@ -35,7 +34,7 @@ describe Sandal do
 
   it 'raises a token error when the token format is invalid' do
     expect { Sandal.decode_token('not a valid token') }.to raise_error Sandal::TokenError
-  end  
+  end
 
   it 'raises a token error when the token encoding is invalid' do
     expect { Sandal.decode_token('an.invalid.token') }.to raise_error Sandal::TokenError
@@ -45,24 +44,24 @@ describe Sandal do
     payload = 'Hello, World'
     token = Sandal.encode_token(payload, nil)
     decoded_payload = Sandal.decode_token(token)
-    decoded_payload.should == payload
+    expect(decoded_payload).to eq(payload)
   end
 
   it 'encodes and decodes tokens with "none" signature' do
     payload = 'Hello, World'
     token = Sandal.encode_token(payload, Sandal::Sig::None.instance)
     decoded_payload = Sandal.decode_token(token)
-    decoded_payload.should == payload
+    expect(decoded_payload).to eq(payload)
   end
 
   it 'decodes non-JSON payloads to a String' do
     token = Sandal.encode_token('not valid json', nil)
-    Sandal.decode_token(token).class.should.kind_of? String
+    expect(Sandal.decode_token(token)).to be_kind_of String
   end
 
   it 'decodes JSON payloads to a Hash' do
     token = Sandal.encode_token({ 'valid' => 'json' }, nil)
-    Sandal.decode_token(token).class.should.kind_of? Hash
+    expect(Sandal.decode_token(token)).to be_kind_of Hash
   end
 
   it 'raises a claim error when the expiry date is far in the past' do
@@ -77,7 +76,7 @@ describe Sandal do
 
   it 'does not raise an error when the expiry date is in the past but validation is disabled' do
     token = Sandal.encode_token({ 'exp' => (Time.now - 600).to_i }, nil)
-    Sandal.decode_token(token) do |header, options| 
+    Sandal.decode_token(token) do |header, options|
       options[:ignore_exp] = true
       nil
     end
@@ -108,7 +107,7 @@ describe Sandal do
 
   it 'does not raise an error when the not-before date is in the future but validation is disabled' do
     token = Sandal.encode_token({ 'nbf' => (Time.now + 600).to_i }, nil)
-    Sandal.decode_token(token) do |header, options| 
+    Sandal.decode_token(token) do |header, options|
       options[:ignore_nbf] = true
       nil
     end
@@ -129,15 +128,15 @@ describe Sandal do
 
   it 'raises a claim error when the issuer is not valid' do
     token = Sandal.encode_token({ 'iss' => 'example.org' }, nil)
-    expect { Sandal.decode_token(token) do |header, options| 
-      options[:valid_iss] = ['example.net'] 
+    expect { Sandal.decode_token(token) do |header, options|
+      options[:valid_iss] = ['example.net']
       nil
     end }.to raise_error Sandal::ClaimError
   end
 
   it 'does not raise an error when the issuer is valid' do
     token = Sandal.encode_token({ 'iss' => 'example.org' }, nil)
-    Sandal.decode_token(token) do |header, options| 
+    Sandal.decode_token(token) do |header, options|
       options[:valid_iss] = ['example.org', 'example.com']
       nil
     end
@@ -145,32 +144,32 @@ describe Sandal do
 
   it 'raises a claim error when the audience string is not valid' do
     token = Sandal.encode_token({ 'aud' => 'example.com' }, nil)
-    expect { Sandal.decode_token(token) do |header, options| 
-      options[:valid_aud] = ['example.net'] 
+    expect { Sandal.decode_token(token) do |header, options|
+      options[:valid_aud] = ['example.net']
       nil
     end }.to raise_error Sandal::ClaimError
   end
 
   it 'raises a claim error when the audience array is not valid' do
     token = Sandal.encode_token({ 'aud' => ['example.org', 'example.com'] }, nil)
-    expect { Sandal.decode_token(token) do |header, options| 
-      options[:valid_aud] = ['example.net'] 
+    expect { Sandal.decode_token(token) do |header, options|
+      options[:valid_aud] = ['example.net']
       nil
     end }.to raise_error Sandal::ClaimError
   end
 
   it 'does not raise an error when the audience string is valid' do
     token = Sandal.encode_token({ 'aud' => 'example.net' }, nil)
-    Sandal.decode_token(token) do |header, options| 
-      options[:valid_aud] = ['example.net'] 
+    Sandal.decode_token(token) do |header, options|
+      options[:valid_aud] = ['example.net']
       nil
     end
   end
 
   it 'does not raise an error when the audience array is valid' do
     token = Sandal.encode_token({ 'aud' => ['example.com', 'example.net'] }, nil)
-    Sandal.decode_token(token) do |header, options| 
-      options[:valid_aud] = ['example.net'] 
+    Sandal.decode_token(token) do |header, options|
+      options[:valid_aud] = ['example.net']
       nil
     end
   end
@@ -180,7 +179,7 @@ describe Sandal do
     private_key = OpenSSL::PKey::RSA.generate(2048)
     token = Sandal.encode_token(payload, Sandal::Sig::RS256.new(private_key))
     decoded_payload = Sandal.decode_token(token) { |header| Sandal::Sig::RS256.new(private_key.public_key) }
-    decoded_payload.should == payload
+    expect(decoded_payload).to eq(payload)
   end
 
   it 'encodes and decodes tokens with RS384 signatures' do
@@ -188,7 +187,7 @@ describe Sandal do
     private_key = OpenSSL::PKey::RSA.generate(2048)
     token = Sandal.encode_token(payload, Sandal::Sig::RS384.new(private_key))
     decoded_payload = Sandal.decode_token(token) { |header| Sandal::Sig::RS384.new(private_key.public_key) }
-    decoded_payload.should == payload
+    expect(decoded_payload).to eq(payload)
   end
 
   it 'encodes and decodes tokens with RS512 signatures' do
@@ -196,7 +195,7 @@ describe Sandal do
     private_key = OpenSSL::PKey::RSA.generate(2048)
     token = Sandal.encode_token(payload, Sandal::Sig::RS512.new(private_key))
     decoded_payload = Sandal.decode_token(token) { |header| Sandal::Sig::RS512.new(private_key.public_key) }
-    decoded_payload.should == payload
+    expect(decoded_payload).to eq(payload)
   end
 
 end

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: sandal
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Greg Beech
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-06-11 00:00:00.000000000 Z
+date: 2014-02-03 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: multi_json
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.7'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -150,6 +136,7 @@ files:
 - lib/sandal/enc/alg.rb
 - lib/sandal/enc/alg/direct.rb
 - lib/sandal/enc/alg/rsa.rb
+- lib/sandal/json.rb
 - lib/sandal/sig.rb
 - lib/sandal/sig/es.rb
 - lib/sandal/sig/hs.rb
@@ -193,7 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - openssl 1.0.1c for EC signature methods
 rubyforge_project: 
-rubygems_version: 2.0.3
+rubygems_version: 2.2.0
 signing_key: 
 specification_version: 4
 summary: A JSON Web Token (JWT) library.