Merge in updates up to v1.5.6 of ruby-jwt #213
…erywhere update specs as well
Hello, @britton! This is your first Pull Request that will be reviewed by Ebert, an automatic Code Review service. It will leave comments on this diff with potential issues and style violations found in the code as you push new commits. You can also see all the issues found on this Pull Request on its review page. Please check our documentation for more information.
|
|
||
|
|
||
| fail( | ||
| raise( |
Favor a normal unless-statement over a modifier clause in a multiline statement.
| if @payload['aud'].is_a?(Array) | ||
| verify_aud_array(@payload['aud'], options_aud) | ||
| else | ||
| raise( |
Favor a normal unless-statement over a modifier clause in a multiline statement.
| raise(JWT::InvalidJtiError, 'Invalid jti') unless options_verify_jti.call(@payload['jti']) | ||
| else | ||
| fail(JWT::InvalidJtiError, 'Missing jti') if payload['jti'].to_s == '' | ||
| raise(JWT::InvalidJtiError, 'Missing jti') if @payload['jti'].to_s.strip.empty? |
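Review bot: In the branch where options_verify_jti responds to :call, @payload['jti'] is handed to the caller's proc without the presence check that the else branch applies, so a token with no jti reaches the proc as nil and is rejected only if the proc happens to return a falsy value for nil. Consider running the @payload['jti'].to_s.strip.empty? check before the dispatch so that a missing jti raises 'Missing jti' in both branches, or document that the callable must reject nil.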
Convert if nested inside else to elsif.
| JWT::InvalidAudError, | ||
| "Invalid audience. Expected #{options[:aud]}, received #{payload['aud'] || '<none>'}" | ||
| ) unless payload['aud'].to_s == options[:aud].to_s | ||
| if @payload['nbf'].to_i > (Time.now.to_i + leeway) |
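Review bot: @payload['nbf'].to_i in this condition coerces before it compares, so a non-numeric nbf (a string such as 'abc', for example) becomes 0 and the token is treated as already valid. The iat check in this same change rejects values that are not Numeric before comparing; a matching type guard here would make a malformed nbf raise instead of pass.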
Use a guard clause instead of wrapping the code inside a conditional expression.
|
|
||
| if !(payload['iat'].is_a?(Integer)) || payload['iat'].to_i > (Time.now.to_i + options[:leeway]) | ||
| fail(JWT::InvalidIatError, 'Invalid iat') | ||
| if @payload['iss'].to_s != options_iss.to_s |
Use a guard clause instead of wrapping the code inside a conditional expression.
| JWT::InvalidIssuerError, | ||
| "Invalid issuer. Expected #{options[:iss]}, received #{payload['iss'] || '<none>'}" | ||
| ) | ||
| if !@payload['iat'].is_a?(Numeric) || @payload['iat'].to_f > (Time.now.to_f + leeway) |
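Review bot: The type test on @payload['iat'] widens from is_a?(Integer) to is_a?(Numeric) and the comparison moves from to_i to to_f, so tokens with a fractional iat that were rejected before are now accepted. That is a behaviour change in claim validation; it deserves a changelog entry and a spec covering a Float iat on both sides of Time.now.to_f + leeway.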
Use a guard clause instead of wrapping the code inside a conditional expression.
|
|
||
| if payload['nbf'].to_i > (Time.now.to_i + options[:leeway]) | ||
| fail(JWT::ImmatureSignature, 'Signature nbf has not been reached') | ||
| if @payload['exp'].to_i <= (Time.now.to_i - leeway) |
Use a guard clause instead of wrapping the code inside a conditional expression.
| OpenSSL.errors.clear | ||
| end | ||
|
|
||
| def verify_signature_algo(algo, key, signing_input, signature) |
Perceived complexity for verify_signature_algo is too high. [8/7]
| [payload, header] | ||
| end | ||
|
|
||
| def decode_verify_signature(key, header, signature, signing_input, options, &keyfinder) |
Avoid parameter lists longer than 5 parameters.
| OpenSSL.errors.clear | ||
| end | ||
|
|
||
| def verify_signature_algo(algo, key, signing_input, signature) |
Cyclomatic complexity for verify_signature_algo is too high. [7/6]
| def verify_signature_algo(algo, key, signing_input, signature) | ||
| if %w(HS256 HS384 HS512).include?(algo) | ||
| fail(JWT::VerificationError, 'Signature verification raised') unless secure_compare(signature, sign_hmac(algo, signing_input, key)) | ||
| raise(JWT::VerificationError, 'Signature verification raised') unless secure_compare(signature, sign_hmac(algo, signing_input, key)) |
JWT#verify_signature_algo calls 'raise(JWT::VerificationError, 'Signature verification raised')' 3 times
|
|
||
| def decode(jwt, key = nil, verify = true, custom_options = {}, &keyfinder) | ||
| fail(JWT::DecodeError, 'Nil JSON web token') unless jwt | ||
| def decoded_segments(jwt, key = nil, verify = true, custom_options = {}, &keyfinder) |
JWT#decoded_segments has boolean parameter 'verify'
| end | ||
|
|
||
| merged_options = options.merge(custom_options) | ||
| def decode(jwt, key = nil, verify = true, custom_options = {}, &keyfinder) |
JWT#decode has boolean parameter 'verify'
| fail(JWT::InvalidJtiError, 'Invalid jti') unless _options[:verify_jti].call(payload['jti']) | ||
| def verify_jti | ||
| options_verify_jti = extract_option(:verify_jti) | ||
| if options_verify_jti.respond_to?(:call) |
JWT::Verify#verify_jti manually dispatches method call
| def verify_aud | ||
| return unless (options_aud = extract_option(:aud)) | ||
|
|
||
| if @payload['aud'].is_a?(Array) |
JWT::Verify#verify_aud calls '@payload['aud']' 4 times
|
|
||
| def self.verify_aud(payload, options) | ||
| return unless options[:aud] | ||
| def verify_not_before |
Similar code found in 1 other location (mass = 22) (lib/jwt/verify.rb#79 and lib/jwt/verify.rb#43)
|
|
||
| def self.verify_not_before(payload, options) | ||
| return unless payload.include?('nbf') | ||
| def verify_expiration |
Similar code found in 1 other location (mass = 22) (lib/jwt/verify.rb#43 and lib/jwt/verify.rb#79)
|
|
||
| def self.verify_sub(payload, options) | ||
| return unless options[:sub] | ||
| def verify_sub |
Similar code found in 1 other location (mass = 28) (lib/jwt/verify.rb#87 and lib/jwt/verify.rb#59)
|
|
||
| def self.verify_iat(payload, options) | ||
| return unless payload.include?('iat') | ||
| def verify_iss |
Similar code found in 1 other location (mass = 28) (lib/jwt/verify.rb#59 and lib/jwt/verify.rb#87)
No description provided.