Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to extend JWT encoding and decoding behaviour #460

Closed
wants to merge 33 commits into from
Closed

Ability to extend JWT encoding and decoding behaviour #460

wants to merge 33 commits into from

Conversation

anakinj
Copy link
Member

@anakinj anakinj commented Dec 27, 2021
edited by excpt
Loading

This is a second attempt of making it possible to extend the token decoding/encoding behaviour. First version of the same idea in #434

For example to support deflating the payload after verification as discussed in #428

Rough example on how it works

class MyJWTHandler
  include ::JWT

  algorithm 'ES256'

  jwk_resolver do |_options|
    # Load JWKs from trusted source
  end

  signing_key es256_private_key

  encode_payload do |payload|
    ::Base64.urlsafe_encode64(::JWT::JSON.generate(payload)), padding: true)
  end

  decode_payload do |raw_payload|
    ::JWT::JSON.parse(::Base64.urlsafe_decode64(raw_payload))
  end
end

Focus now was on the decoding/encoding and signing of the token. The mechanics could be extended to claims etc..

sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Dec 27, 2021
View reviewed changes
lib/jwt/extension.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Dec 27, 2021
View reviewed changes
lib/jwt/encode.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Dec 27, 2021
View reviewed changes
lib/jwt/encode.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Dec 27, 2021
View reviewed changes
lib/jwt/decode.rb Outdated Show resolved Hide resolved
@anakinj anakinj mentioned this pull request Dec 27, 2021
Open
excpt
excpt previously approved these changes Dec 27, 2021
View reviewed changes
@anakinj
Copy link
Member Author

anakinj commented Dec 30, 2021

Im going to refine this a little bit more. Not super happy with the methods setting the signing keys with.

@anakinj anakinj marked this pull request as draft January 7, 2022 06:28
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/extension/keys.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/encode.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/decode_token.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/decode_token.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/decode_token.rb Outdated Show resolved Hide resolved
sourcelevel-bot[bot]
sourcelevel-bot bot reviewed Jan 7, 2022
View reviewed changes
lib/jwt/decode_token.rb Outdated Show resolved Hide resolved
@anakinj
Extracted verify_claims
ff613e4
@anakinj
Extracted even more methods and tests are passing
f35ba82
@anakinj
Avoid instance variables
08b2d50
@anakinj
Renamed shared methods module
4181ecb
@anakinj
Decrease differences on old behaviour
4b78ebe
@anakinj
Methods with bangs
4f965d1
@anakinj
Unify raising
589542d
@anakinj
Raise the no verification key error from one place only
9388723
@anakinj
block support for the .decode! method
d7dad0f
@anakinj
Refactor ::JWT::Decode class to support custom algorithms
61fa3d5
@anakinj
Some refactorings
f0b7d96
@anakinj
Refactor decoding a litte more
604a23e
@anakinj
Renamed ::JWT::Extension to ::JWT:DSL
e13bdbd
@anakinj
Disabled MissingSafeMethod
6b3611d
@anakinj
No need to check the keyfinder arity before calling
581d4b7
@anakinj
Leeway configuration for DSL
d467551
@anakinj
Nil token handling
9a3bb7e
@anakinj
Fix minor reek issue
2153057
@anakinj
Reduce amount of instance variables in ::JWT:Encode
73855bf
@anakinj
Added newline in .reek.yml
c8921db
@anakinj
Do not include default options
1edad1b
@anakinj
Split defaults even more
1e48820
@anakinj
Added a few lines in the README
11bb8b3
@anakinj
Allow keys to be procs
c37595d
@anakinj
Possibility to give the expiration time on the JWT class
1ef54ff
@anakinj anakinj mentioned this pull request Feb 11, 2022
Closed
@anakinj
Copy link
Member Author

anakinj commented Sep 11, 2022

Im going to close this one and yet again try to tackle issues one by one.

First up is this #510

@anakinj anakinj closed this Sep 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcelevel-bot sourcelevel-bot[bot] sourcelevel-bot[bot] left review comments

@excpt excpt excpt left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anakinj @excpt