Hello community,
here is the log from the commit of package rubygem-json-jwt for openSUSE:Factory checked in at 2019-03-04 09:19:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-json-jwt (Old)
and /work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-json-jwt"
Mon Mar 4 09:19:57 2019 rev:4 rq:679520 version:1.10.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-json-jwt/rubygem-json-jwt.changes 2018-05-08 13:37:02.862186033 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-json-jwt.new.28833/rubygem-json-jwt.changes 2019-03-04 09:20:05.656604015 +0100
@@ -1,0 +2,6 @@
+Wed Dec 19 07:09:30 UTC 2018 - Stephan Kulow
+
+- updated to version 1.10.0
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
json-jwt-1.9.4.gem
New:
----
json-jwt-1.10.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-json-jwt.spec ++++++
--- /var/tmp/diff_new_pack.7mFkcx/_old 2019-03-04 09:20:06.520603859 +0100
+++ /var/tmp/diff_new_pack.7mFkcx/_new 2019-03-04 09:20:06.524603858 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -24,13 +24,13 @@
#
Name: rubygem-json-jwt
-Version: 1.9.4
+Version: 1.10.0
Release: 0
%define mod_name json-jwt
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: %{ruby >= 2.3}
BuildRequires: %{rubygem gem2rpm}
-BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
Url: https://github.com/nov/json-jwt
Source: https://rubygems.org/gems/%{mod_full_name}.gem
++++++ json-jwt-1.9.4.gem -> json-jwt-1.10.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2018-05-01 05:21:53.000000000 +0200
+++ new/.travis.yml 2018-12-14 04:18:35.000000000 +0100
@@ -3,9 +3,9 @@
- git submodule update --init --recursive
rvm:
- - 2.3.6
- - 2.4.3
- - 2.5.0
+ - 2.3.7
+ - 2.4.4
+ - 2.5.1
jdk:
- oraclejdk8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2018-05-01 05:21:53.000000000 +0200
+++ new/VERSION 2018-12-14 04:18:35.000000000 +0100
@@ -1 +1 @@
-1.9.4
\ No newline at end of file
+1.10.0
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/json-jwt.gemspec new/json-jwt.gemspec
--- old/json-jwt.gemspec 2018-05-01 05:21:53.000000000 +0200
+++ new/json-jwt.gemspec 2018-12-14 04:18:35.000000000 +0100
@@ -11,7 +11,8 @@
gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
gem.require_paths = ['lib']
- gem.add_runtime_dependency 'activesupport'
+ gem.required_ruby_version = '>= 2.3'
+ gem.add_runtime_dependency 'activesupport', '>= 4.2'
gem.add_runtime_dependency 'bindata'
gem.add_runtime_dependency 'aes_key_wrap'
gem.add_development_dependency 'rake'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json/jose.rb new/lib/json/jose.rb
--- old/lib/json/jose.rb 2018-05-01 05:21:53.000000000 +0200
+++ new/lib/json/jose.rb 2018-12-14 04:18:35.000000000 +0100
@@ -56,11 +56,11 @@
end
end
- def decode(input, key_or_secret = nil, algorithms = nil, encryption_methods = nil)
+ def decode(input, key_or_secret = nil, algorithms = nil, encryption_methods = nil, allow_blank_payload = false)
if input.is_a? Hash
- decode_json_serialized input, key_or_secret, algorithms, encryption_methods
+ decode_json_serialized input, key_or_secret, algorithms, encryption_methods, allow_blank_payload
else
- decode_compact_serialized input, key_or_secret, algorithms, encryption_methods
+ decode_compact_serialized input, key_or_secret, algorithms, encryption_methods, allow_blank_payload
end
rescue JSON::ParserError, ArgumentError
raise JWT::InvalidFormat.new("Invalid JSON Format")
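Review bot: The new fifth positional `allow_blank_payload` on `decode` is undocumented, and the only way to reach it is `decode(token, key, nil, nil, true)`, as the updated specs do. Those two `nil` placeholders sit in the `algorithms` and `encryption_methods` positions, so a caller who opts in to blank payloads may drop an allow-list it was passing before; whether `nil` means "no restriction" is not visible in this hunk. I would add a comment above the method, for example `# allow_blank_payload: when true, a JWS whose payload segment is empty decodes to a JWT with blank_payload set and no claims; has no effect on JWE.`, and note there that `algorithms` should still be supplied. The enclosing module starts outside the hunk.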
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json/jwe.rb new/lib/json/jwe.rb
--- old/lib/json/jwe.rb 2018-05-01 05:21:53.000000000 +0200
+++ new/lib/json/jwe.rb 2018-12-14 04:18:35.000000000 +0100
@@ -248,7 +248,7 @@
end
class << self
- def decode_compact_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil)
+ def decode_compact_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil, _allow_blank_payload = false)
unless input.count('.') + 1 == NUM_OF_SEGMENTS
raise InvalidFormat.new("Invalid JWE Format. JWE should include #{NUM_OF_SEGMENTS} segments.")
end
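Review bot: `_allow_blank_payload` is accepted and then ignored by `decode_compact_serialized` here and by `decode_json_serialized` in the next hunk, and nothing in either signature says why. A reader arriving from `JOSE#decode` could assume the flag changes JWE handling. I would add one line above each method: `# _allow_blank_payload is accepted only so the signature matches JWS; it has no effect on JWE decoding.` Both method bodies continue outside their hunks.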
@@ -268,7 +268,7 @@
jwe
end
- def decode_json_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil)
+ def decode_json_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil, _allow_blank_payload = false)
input = input.with_indifferent_access
jwe_encrypted_key = if input[:recipients].present?
input[:recipients].first[:encrypted_key]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json/jws.rb new/lib/json/jws.rb
--- old/lib/json/jws.rb 2018-05-01 05:21:53.000000000 +0200
+++ new/lib/json/jws.rb 2018-12-14 04:18:35.000000000 +0100
@@ -35,6 +35,7 @@
if hash_or_jwt.is_a? JSON::JWT
self.header.update hash_or_jwt.header
self.signature = hash_or_jwt.signature
+ self.blank_payload = hash_or_jwt.blank_payload
end
self
end
@@ -118,6 +119,7 @@
verify_ecdsa_group! private_key
asn1_to_raw(
private_key.dsa_sign_asn1(digest.digest signature_base_string),
+ # private_key.sign(digest, signature_base_string), # NOTE: this causes `undefined method `private?'` error in ruby 2.3
private_key
)
else
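Review bot: The commented-out `private_key.sign(...)` alternative sits inside the argument list of `asn1_to_raw(`, between two live arguments, and contains a nested backtick, which makes the call hard to read and easy to break when edited. It also leaves signing on `dsa_sign_asn1` while the next hunk moves verification to `public_key.verify`, so the two paths now hash the input through different OpenSSL entry points. I would move the explanation above the call as a plain comment, `# NOTE: private_key.sign(digest, signature_base_string) raises "undefined method private?" on Ruby 2.3, so signing stays on dsa_sign_asn1.`, and drop the dead code. The surrounding `case` starts outside the hunk.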
@@ -139,10 +141,7 @@
when ecdsa?
public_key = public_key_or_secret
verify_ecdsa_group! public_key
- public_key.dsa_verify_asn1(
- digest.digest(signature_base_string),
- raw_to_asn1(signature, public_key)
- )
+ public_key.verify digest, raw_to_asn1(signature, public_key), signature_base_string
else
raise UnexpectedAlgorithm.new('Unknown Signature Algorithm')
end
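Review bot: Error handling around the new `public_key.verify digest, raw_to_asn1(signature, public_key), signature_base_string` is not visible in this hunk, and `verify` reports OpenSSL-level failures by raising `OpenSSL::PKey::PKeyError` rather than returning false. If the enclosing method's rescue clauses (outside the hunk) were written for the exception raised by `dsa_verify_asn1`, confirm they still turn every failure on an attacker-supplied signature into a verification failure and never into an unhandled error. A spec that verifies a truncated or zero-length ES256 signature would pin that behaviour for both the old and the new call.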
@@ -176,15 +175,18 @@
end
class << self
- def decode_compact_serialized(input, public_key_or_secret, algorithms = nil)
+ def decode_compact_serialized(input, public_key_or_secret, algorithms = nil, allow_blank_payload = false)
unless input.count('.') + 1 == NUM_OF_SEGMENTS
raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
end
header, claims, signature = input.split('.', JWS::NUM_OF_SEGMENTS).collect do |segment|
Base64.urlsafe_decode64 segment.to_s
end
- header, claims = [header, claims].collect do |json|
- JSON.parse(json).with_indifferent_access
+ header = JSON.parse(header).with_indifferent_access
+ if allow_blank_payload && claims == ''
+ claims = nil
+ else
+ claims = JSON.parse(claims).with_indifferent_access
end
jws = new claims
jws.header = header
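Review bot: With `allow_blank_payload` false, an empty payload segment is rejected only incidentally, because `JSON.parse(claims)` raises on `''` and a caller further up (`decode` in jose.rb) rescues `JSON::ParserError`. Making the rejection explicit before parsing keeps the intent visible and does not depend on the parser: `raise InvalidFormat.new('Blank payload is not allowed') if claims == '' && !allow_blank_payload`. The method also needs a comment saying that when the flag is true the returned JWS carries no claims at all, so `exp`, `nbf` and `iss` checks downstream must treat absence as a failure and not as "nothing to check". The rest of the method, including where the signature is verified, is outside this hunk.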
@@ -194,7 +196,7 @@
jws
end
- def decode_json_serialized(input, public_key_or_secret, algorithms = nil)
+ def decode_json_serialized(input, public_key_or_secret, algorithms = nil, allow_blank_payload = false)
input = input.with_indifferent_access
header, payload, signature = if input[:signatures].present?
[
@@ -210,7 +212,7 @@
end
end
compact_serialized = [header, payload, signature].join('.')
- decode_compact_serialized compact_serialized, public_key_or_secret, algorithms
+ decode_compact_serialized compact_serialized, public_key_or_secret, algorithms, allow_blank_payload
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json/jwt.rb new/lib/json/jwt.rb
--- old/lib/json/jwt.rb 2018-05-01 05:21:53.000000000 +0200
+++ new/lib/json/jwt.rb 2018-12-14 04:18:35.000000000 +0100
@@ -6,6 +6,7 @@
module JSON
class JWT < ActiveSupport::HashWithIndifferentAccess
+ attr_accessor :blank_payload
attr_accessor :signature
class Exception < StandardError; end
@@ -19,8 +20,10 @@
@content_type = 'application/jwt'
self.typ = :JWT
self.alg = :none
- [:exp, :nbf, :iat].each do |key|
- claims[key] = claims[key].to_i if claims[key]
+ unless claims.nil?
+ [:exp, :nbf, :iat].each do |key|
+ claims[key] = claims[key].to_i if claims[key]
+ end
end
update claims
end
@@ -71,6 +74,22 @@
end
end
+ def to_json *args
+ if @blank_payload && args.empty?
+ ''
+ else
+ super
+ end
+ end
+
+ def update claims
+ if claims.nil?
+ @blank_payload = true
+ else
+ super
+ end
+ end
+
def pretty_generate
[
JSON.pretty_generate(header),
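Review bot: `update(nil)` sets `@blank_payload = true` but leaves any claims already in the hash, and returns `true` instead of `self` as `Hash#update` does. Together with the public `attr_accessor :blank_payload` added at the top of this file, a JWT that still holds claims can be flipped to serialise as `''`, so the payload that gets signed no longer matches what `jwt[:iss]` and friends report. I would end the nil branch with `self` and either clear the hash there or expose only `attr_reader :blank_payload`. In `to_json`, the `args.empty?` condition means any call that passes a generator state falls through to `super`; if that can happen on the signing path (not visible here), the blank JWT would serialise as `{}` and not `''`, so a comment explaining the condition is needed.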
@@ -79,10 +98,10 @@
end
class << self
- def decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil)
+ def decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false)
case jwt_string.count('.') + 1
when JWS::NUM_OF_SEGMENTS
- JWS.decode_compact_serialized jwt_string, key_or_secret, algorithms
+ JWS.decode_compact_serialized jwt_string, key_or_secret, algorithms, allow_blank_payload
when JWE::NUM_OF_SEGMENTS
JWE.decode_compact_serialized jwt_string, key_or_secret, algorithms, encryption_methods
else
@@ -90,10 +109,10 @@
end
end
- def decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil)
+ def decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false)
input = input.with_indifferent_access
if (input[:signatures] || input[:signature]).present?
- JWS.decode_json_serialized input, key_or_secret, algorithms
+ JWS.decode_json_serialized input, key_or_secret, algorithms, allow_blank_payload
elsif input[:ciphertext].present?
JWE.decode_json_serialized input, key_or_secret, algorithms, encryption_methods
else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2018-05-01 05:21:53.000000000 +0200
+++ new/metadata 2018-12-14 04:18:35.000000000 +0100
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: json-jwt
version: !ruby/object:Gem::Version
- version: 1.9.4
+ version: 1.10.0
platform: ruby
authors:
- nov matake
autorequire:
bindir: bin
cert_chain: []
-date: 2018-05-01 00:00:00.000000000 Z
+date: 2018-12-14 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: activesupport
@@ -16,14 +16,14 @@
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: '0'
+ version: '4.2'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: '0'
+ version: '4.2'
- !ruby/object:Gem::Dependency
name: bindata
requirement: !ruby/object:Gem::Requirement
@@ -166,7 +166,7 @@
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: '0'
+ version: '2.3'
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - ">="
@@ -174,7 +174,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.6.11
+rubygems_version: 2.7.6
signing_key:
specification_version: 4
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/json/jws_spec.rb new/spec/json/jws_spec.rb
--- old/spec/json/jws_spec.rb 2018-05-01 05:21:53.000000000 +0200
+++ new/spec/json/jws_spec.rb 2018-12-14 04:18:35.000000000 +0100
@@ -7,9 +7,17 @@
_jwt_.alg = alg
_jwt_
end
+ let(:jwt_blank) do
+ _jwt_ = JSON::JWT.new nil
+ _jwt_.alg = alg
+ _jwt_
+ end
let(:jws) { JSON::JWS.new jwt }
+ let(:jws_blank) { JSON::JWS.new jwt_blank }
let(:signed) { jws.sign! private_key_or_secret }
+ let(:signed_blank) { jws_blank.sign! private_key_or_secret }
let(:decoded) { JSON::JWT.decode signed.to_s, public_key_or_secret }
+ let(:decoded_blank) { JSON::JWT.decode signed_blank.to_s, public_key_or_secret, nil, nil, true }
let(:claims) do
{
iss: 'joe',
@@ -27,6 +35,16 @@
:RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ'
}
end
+ let(:expected_signature_blank_payload) do
+ {
+ :HS256 => 'iRFMM3GknVfzRTxlVQT87jfIw32Ik3lUYNGePPk5wnM',
+ :HS384 => 'rxyzr3I2RWRBgQaewQt3yjdp3BqkrFh-iHcet318OYHWhXvyzAE0npf0l0xi5DOV',
+ :HS512 => 'VDHOrPYrwycjaKbwccObXi6dmw4fVFqiFsNFQjqYHQAkxJGxqhfVLc1_WfKMa6C7vGSGroabaVdK7nn08XPdSQ',
+ :RS256 => 'WthQjouPVbErM7McwSY4slJjHaWqmFg1qKdmTDvttkiyAEcTjVViJkNHH9Mp573h13cXtLob1xh3UJYh5_-hSA4Y24zdyck3jp3fsOusflp1cMmhWXZ2nETKeWCEJDKRAnWynHqkwes7tgWmS0gVeuljeNkuovJlHmNRcoMR9Z3ZuiHfc2WFh-iFbM5Zne1y-_SSgAZwOD20P0Ysn28DtJTlXcm74ENqhLEJnvHS-872d6surb23kHMns43GtT5bm-aJoMLct0nO1GBapQAiKUknTsw24IfOkX4vJNQzIWVSzx3zOxXjcVHlH92af6NknIlPCfRparLC9YEK2NkJYg',
+ :RS384 => 'Jy6XNLNAyujRHYoCOtFqu7z0imHZMiwkwBr73ok_DDSDxQSA9ryt_q_tX0u8knpAIRcTJuNA0-s5DkGbpIj9coKgZ5JBvE_n9ijvNubImf8_vCDDitJemzUtnJypb9GbP4A3nWDAZC0KONVqlxpy92-9xrG5sFEzaYCFYZYnXv8kmmQEIVI1GXw4_Fx8HxRu5cae9WWTgaKQOFG54S303C0H966C1o6d9o3HQH7x8GEl632qBw4LzONWr_QpCN-UFgmJHO7yBwaP-RWnLDW3hYlb4IybRIvMQQicjkjNaNwLTmwo31orVxO53GcSjyhU2y_R843nQcNjTT_lD1QRvg',
+ :RS512 => 'ws2HZ6wvh8GMrFKiIHXDogyx8HFpa4wvrLxfZaMfCoMPf0SZ4V3tiEZRWfrxyvwpsdBj2Mgm5lt3IYAHhlI2hqWvuikDq6tuViloaAIm2xwTU060bF0GL1tQJ-h20wUukJ6fsWet8M9DNg7hcElYQMawHhk4L91YUtY2hKT_uWgPih_pn0Hq5Ve0at4CwAyXXTwCYSEH23PMsUdDfE5tfCyvL2bNQ71Ld_MvQS1NLS7hydzEtfxLK-UkDQVclFmEM3JXrPG7YSRodtKlwJ-ESDx6CaJXXDAgitSF32dslcIkmOXRJqjNmF15i_aVg0ExiU92WTpCrdwzWTt4Aphqlw',
+ }
+ end
shared_examples_for :jwt_with_alg do
it { should == jwt }
@@ -45,11 +63,37 @@
end
end
+ describe 'decode' do
+ let(:alg) { :RS256 }
+ let(:private_key_or_secret) { private_key }
+ let(:public_key_or_secret) { public_key }
+
+ describe 'blank payload not allowed' do
+ it 'should raise format error' do
+ expect do
+ JSON::JWT.decode signed_blank.to_s, public_key_or_secret
+ end.to raise_error JSON::JWT::InvalidFormat
+ end
+ end
+ describe 'blank payload allowed' do
+ it 'should not raise an error' do
+ expect do
+ JSON::JWT.decode signed_blank.to_s, public_key_or_secret, nil, nil, true
+ end.to_not raise_error
+ end
+ end
+ end
+
describe '#sign!' do
shared_examples_for :generate_expected_signature do
it do
Base64.urlsafe_encode64(signed.signature, padding: false).should == expected_signature[alg]
end
+ context 'with blank payload' do
+ it do
+ Base64.urlsafe_encode64(signed_blank.signature, padding: false).should == expected_signature_blank_payload[alg]
+ end
+ end
end
subject { signed }
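Review bot: The new `describe 'decode'` block checks only that a correctly signed blank-payload token is rejected without the flag and accepted with it; there is no negative case showing that `allow_blank_payload = true` still enforces the signature. I would add an example that decodes `signed_blank.to_s` with a different public key (or a modified signature segment) and `nil, nil, true`, and expects it to raise. The block is also fixed to `:RS256`, so the HMAC and ECDSA paths through the new branch are exercised only by the `#sign!` examples.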
@@ -176,6 +220,32 @@
decoded[:'http://example.com/is_root'] == true
end
end
+
+ context 'with blank payload' do
+ it do
+ expect { decoded_blank }.not_to raise_error
+ decoded_blank.should be_a JSON::JWT
+ end
+
+ describe 'header' do
+ let(:header) { decoded_blank.header }
+ it 'should be parsed successfully' do
+ header[:typ].should == 'JWT'
+ header[:alg].should == alg.to_s
+ end
+ end
+
+ describe 'claims' do
+ it 'should be parsed successfully' do
+ p decoded_blank.blank_payload
+ decoded_blank.blank_payload.should == true
+ decoded_blank[:iss].should == nil
+ decoded_blank[:exp].should == nil
+ decoded[:'http://example.com/is_root'] == nil
+ end
+ end
+ end
+
end
subject { decoded }
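Review bot: In the new 'claims' example the last line, `decoded[:'http://example.com/is_root'] == nil`, asserts nothing: it has no `.should`, and it reads `decoded` instead of `decoded_blank`. It should be `decoded_blank[:'http://example.com/is_root'].should == nil`. The `p decoded_blank.blank_payload` line above it is leftover debug output and should be removed, as should the `puts ("jws_blank: ...")` line in the 'should JSONize payload' example added further down this file.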
@@ -274,6 +344,12 @@
jws.to_json.should == claims.to_json
end
end
+ context 'with blank payload' do
+ it 'should JSONize payload' do
+ puts ("jws_blank: #{jws_blank.to_json.inspect}")
+ jws_blank.to_json.should == ''
+ end
+ end
context 'when syntax option given' do
context 'when general' do
@@ -286,6 +362,17 @@
}]
}.to_json
end
+ context 'with blank payload' do
+ it 'should return General JWS JSON Serialization' do
+ signed_blank.to_json(syntax: :general).should == {
+ payload: '',
+ signatures: [{
+ protected: Base64.urlsafe_encode64(signed_blank.header.to_json, padding: false),
+ signature: Base64.urlsafe_encode64(signed_blank.signature, padding: false)
+ }]
+ }.to_json
+ end
+ end
context 'when not signed yet' do
it 'should not fail' do
@@ -297,6 +384,17 @@
}]
}.to_json
end
+ context 'with blank payload' do
+ it 'should not fail' do
+ jws_blank.to_json(syntax: :general).should == {
+ payload: '',
+ signatures: [{
+ protected: Base64.urlsafe_encode64(jws_blank.header.to_json, padding: false),
+ signature: Base64.urlsafe_encode64('', padding: false)
+ }]
+ }.to_json
+ end
+ end
end
end
@@ -308,6 +406,15 @@
signature: Base64.urlsafe_encode64(signed.signature, padding: false)
}.to_json
end
+ context 'with blank payload' do
+ it 'should return Flattened JWS JSON Serialization' do
+ signed_blank.to_json(syntax: :flattened).should == {
+ protected: Base64.urlsafe_encode64(signed_blank.header.to_json, padding: false),
+ payload: '',
+ signature: Base64.urlsafe_encode64(signed_blank.signature, padding: false)
+ }.to_json
+ end
+ end
context 'when not signed yet' do
it 'should not fail' do
@@ -317,6 +424,15 @@
signature: Base64.urlsafe_encode64('', padding: false)
}.to_json
end
+ context 'with blank payload' do
+ it 'should not fail' do
+ jws_blank.to_json(syntax: :flattened).should == {
+ protected: Base64.urlsafe_encode64(jws_blank.header.to_json, padding: false),
+ payload: '',
+ signature: Base64.urlsafe_encode64('', padding: false)
+ }.to_json
+ end
+ end
end
end
end