class JWTear::JWS

JWS

Takes a parsed token from JSON::JWT#decode

Attributes

alg[RW]
at_hash[RW]
aud[RW]
azp[RW]
cty[RW]
email[RW]
email_verified[RW]
exp[RW]
hd[RW]
header[RW]
iat[RW]
iss[RW]
jku[RW]
kid[RW]
payload[RW]
signature[RW]
sub[RW]
typ[RW]

Public Instance Methods

generate_jws(header:, payload:, key:) click to toggle source

generate_jws

generate JWS token

@param header [JSON] @param payload [JSON] @param key [String]

@return [String] the generated token

# File lib/jwtear/jws.rb, line 54
def generate_jws(header:, payload:, key:)
  jwt = JSON::JWT.new(JSON.parse(payload, symbolize_names: true))
  jwt.header = JSON.parse(header, symbolize_names: true)
  handle_signing(jwt, key)
rescue JSON::JWS::UnexpectedAlgorithm => e
  puts "Unexpected algorithm '#{jwt.header[:alg]}'."
  puts e.message
  exit!
rescue Exception => e
  print_error e.message
end
parse(token) click to toggle source

parse

is a basic parser for JWS token

@param token [String]

parsed token string

@return [Self]

# File lib/jwtear/jws.rb, line 21
def parse(token)
  jwt = JSON::JWT.decode(token, :skip_verification)
  @header    = jwt.header
  @payload   = jwt.to_h
  @signature = jwt.signature
  @alg       = @header["alg"]
  @typ       = @header["typ"]
  @cty       = @header["cty"]
  @kid       = @header["kid"]
  @jku       = @header["jku"]
  @iat       = @payload["iat"]
  self
rescue JSON::JWT::InvalidFormat => e
  print_error e.message
  puts token
  exit!
rescue Exception => e
  puts e.full_message
end
to_json_presentation() click to toggle source
# File lib/jwtear/jws.rb, line 41
def to_json_presentation
  "#{@header.to_json}" + ".".bold + "#{@payload.to_json}" + ".".bold + "#{Base64.urlsafe_encode64(@signature, padding: false)}"
end

Private Instance Methods

handle_signing(jwt, key=nil) click to toggle source

handle_signing

Handles the algorithm 'none'.

@param jwt [JSON] @param key [String]

# File lib/jwtear/jws.rb, line 73
def handle_signing(jwt, key=nil)
  if jwt.alg =~ /none/i
    jwt.to_s
  else
    raise JSON::JWS::UnexpectedAlgorithm.new("Encryption algorithm '#{jwt.alg}' requires key.") if key.nil?
    alg = jwt.alg.upcase
    case
    when alg.start_with?("HS")
      key
    when alg.start_with?("RS")
      key = OpenSSL::PKey::RSA.new(key)
    when alg.start_with?("PS")
      key = OpenSSL::PKey::RSA.new(key)
    when alg.start_with?("ES")
      # key = OpenSSL::PKey::RSA.new(key)
      print_error("Signing for ECDSA-SHA is not yet implemented")
      print_warning 'Please report the issue to: https://github.com/KINGSABRI/jwtear/issues'.underline
    else
      print_warning("Undefined algorithm. This might generate a wrong token")
      print_warning 'Please report the issue to: https://github.com/KINGSABRI/jwtear/issues'.underline
      key
    end
    jwt.alg = alg.to_sym
    jwt.sign(key).to_s
  end
end