vonage-jwt 0.1.3 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4e64f9df01478c092cf5f950c5fb61d56227a558cba788a693cffad050ed5a66
-  data.tar.gz: f72bd42ca910f5f6df52781eeb3d8d1ca658c261833bbe5ab68b3ef8f2571014
+  metadata.gz: ddf304ba0c31efdaf0da2618355b23f5800cb7dd07ed2d19d613e624bd577131
+  data.tar.gz: 1786f96a4dfcad228ee5b6583b0db99806cc545206f5db6eff4832c4fd702ad8
 SHA512:
-  metadata.gz: e0fb624c08c1c06db4def2a97b50a10add0392f89f6279de7c5b70c987881f510720202b6b84a3d9365a61b32f43fb3783ed30aa95a31a5adc7d1bf08dcf5444
-  data.tar.gz: faa02b4e295b2a850191a956dbbe526c7feb498e3a51cd4ada6d9d66823036846e418092b06bf020e8cb7474bfa1f886a4fa47b30e2e746276ce49f62a9b6c43
+  metadata.gz: a2ff24275b3b26cb6c47ab9b50c8279ceef69286d1628919f062c29356f936bf35552cf06371727073dfcd959fb699f79b4fa3cdd94e0f7353bca372d945c24e
+  data.tar.gz: eea38e2c24d80c04b75e1ff293ff3110743224cd948f2016c5b6640db7ec4ab7ee5a488e09e1f382e45dd4e69086177ab6359def24e6dc9f6c76eb063f75e630

data/README.md

@@ -27,9 +27,11 @@ Alternatively you can clone the repository:
 
 ## Usage
 
+### Generating a JWT
+
 By default the Vonage JWT generator creates a short lived JWT (15 minutes) per request.
 To generate a long lived JWT for multiple requests, specify a longer value in the `exp`
-parameter during initialization. 
+parameter during initialization.
 
 Example with no custom configuration:
 
@@ -51,10 +53,10 @@ Example providing custom configuration options:
         "/messages": {
           "methods": ["POST", "GET"],
           "filters": {
-            "from": "447977271009"  
-          }     
-        }  
-      }   
+            "from": "447977271009"
+          }
+        }
+      }
     }
   },
   subject: 'My_Custom_Subject'
@@ -62,6 +64,28 @@ Example providing custom configuration options:
 @token = @builder.jwt.generate
 ```
 
+### Decoding a JWT
+
+You can decode a JWT like so:
+
+```ruby
+Vonage::JWT.decode(token, nil, false)
+```
+
+where `token` is the JWT that you want to decode. The `Vonage::JWT::decode` method is essentially just a wrapper around the `ruby-jwt` library method of the same name, and usage is identical to what is [documented for that library](https://github.com/jwt/ruby-jwt#algorithms-and-usage).
+
+### Verifying a Signature
+
+For JWTs that are signed, you can verify a JWT signature like so:
+
+```ruby
+Vonage::JWT.verify_signature(token, signature_secret, algorithm)
+```
+
+where `token` is the signed JWT, `signature_secret` is the secret or key required by whichever algorithm was used to sign the JWT, and `algorithm` is a string indicating the algorithm that was used to sign the JWT (e.g. `'HS256'`, `'RS256'`, etc)
+
+The method will return `true` if the signature is verified and `false` if it is not.
+
 ## Documentation
 
 Vonage Ruby JWT documentation: https://www.rubydoc.info/github/Vonage/vonage-jwt

data/lib/vonage-jwt/jwt.rb

@@ -29,5 +29,18 @@ module Vonage
       hash.merge!(generator.additional_claims) if !generator.additional_claims.empty?
       hash
     end
+
+    def self.decode(token, secret = nil, verify = true, opts = {}, &block)
+      ::JWT.decode(token, secret, verify, opts, &block)
+    end
+
+    def self.verify_signature(token, signature_secret, algorithm)
+      begin
+        decode(token, signature_secret, true, {algorithm: algorithm})
+        return true
+      rescue ::JWT::VerificationError
+        return false
+      end
+    end
   end
 end

data/lib/vonage-jwt/version.rb

@@ -2,6 +2,6 @@
 
 module Vonage
   class JWT
-    VERSION = '0.1.3'
+    VERSION = '0.2.0'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vonage-jwt
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors:
 - Vonage
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-08-08 00:00:00.000000000 Z
+date: 2023-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt