Class: JSON::JWS

Inherits:

JOSE

• Object
• ActiveSupport::HashWithIndifferentAccess
• JWT
• JOSE
• JSON::JWS

Defined in:

lib/json/jws.rb

Defined Under Namespace

Classes: InvalidFormat, UnexpectedAlgorithm, VerificationFailed

Constant Summary

NUM_OF_SEGMENTS =

3

Instance Attribute Summary

• #signature_base_string ⇒ Object writeonly

  Sets the attribute signature_base_string.

Attributes inherited from JWT

#header, #signature

Class Method Summary

• .decode_compact_serialized(input, public_key_or_secret) ⇒ Object
• .decode_json_serialized(input, public_key_or_secret) ⇒ Object

Instance Method Summary

• #initialize(jwt) ⇒ JWS constructor

  A new instance of JWS.

• #sign!(private_key_or_secret) ⇒ Object
• #update_with_jose_attributes(hash_or_jwt) ⇒ Object
• #verify!(public_key_or_secret) ⇒ Object

Methods inherited from JOSE

#content_type

Methods inherited from JWT

#as_json, #content_type, decode, #encrypt, register_header_keys, #to_s, #verify

Constructor Details

#initialize(jwt) ⇒ JWS

Returns a new instance of JWS.

# File 'lib/json/jws.rb', line 11

def initialize(jwt)
  update jwt
end

Instance Attribute Details

#signature_base_string=(value) ⇒ Object

Sets the attribute signature_base_string

Parameters:

• value —

  the value to set the attribute signature_base_string to.

# File 'lib/json/jws.rb', line 9

def signature_base_string=(value)
  @signature_base_string = value
end

Class Method Details

.decode_compact_serialized(input, public_key_or_secret) ⇒ Object

# File 'lib/json/jws.rb', line 149

def decode_compact_serialized(input, public_key_or_secret)
  unless input.count('.') + 1 == NUM_OF_SEGMENTS
    raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
  end
  header, claims, signature = input.split('.', JWS::NUM_OF_SEGMENTS).collect do |segment|
    UrlSafeBase64.decode64 segment.to_s
  end
  header, claims = [header, claims].collect do |json|
    MultiJson.load(json).with_indifferent_access
  end
  jws = new claims
  jws.header = header
  jws.signature = signature
  jws.signature_base_string = input.split('.')[0, JWS::NUM_OF_SEGMENTS - 1].join('.')
  jws.verify! public_key_or_secret unless public_key_or_secret == :skip_verification
  jws
end

.decode_json_serialized(input, public_key_or_secret) ⇒ Object

# File 'lib/json/jws.rb', line 167

def decode_json_serialized(input, public_key_or_secret)
  input = input.with_indifferent_access
  header, payload, signature = if input[:signatures].present?
    [
      input[:signatures].first[:protected],
      input[:payload],
      input[:signatures].first[:signature]
    ].collect do |segment|
      segment
    end
  else
    [:protected, :payload, :signature].collect do |key|
      input[key]
    end
  end
  compact_serialized = [header, payload, signature].join('.')
  decode_compact_serialized compact_serialized, public_key_or_secret
end

Instance Method Details

#sign!(private_key_or_secret) ⇒ Object

# File 'lib/json/jws.rb', line 15

def sign!(private_key_or_secret)
  self.signature = sign signature_base_string, private_key_or_secret
  self
end

#update_with_jose_attributes(hash_or_jwt) ⇒ Object

# File 'lib/json/jws.rb', line 30

def update_with_jose_attributes(hash_or_jwt)
  update_without_jose_attributes hash_or_jwt
  if hash_or_jwt.is_a? JSON::JWT
    self.header = hash_or_jwt.header
    self.signature = hash_or_jwt.signature
  end
  self
end

#verify!(public_key_or_secret) ⇒ Object

# File 'lib/json/jws.rb', line 20

def verify!(public_key_or_secret)
  if alg.try(:to_sym) == :none
    raise UnexpectedAlgorithm if public_key_or_secret
    signature == '' or raise VerificationFailed
  else
    public_key_or_secret && valid?(public_key_or_secret) or
    raise VerificationFailed
  end
end