Merge remote-tracking branch 'origin/main' into version-3.0

.codeclimate.yml

@@ -5,4 +5,4 @@ plugins:
     enabled: true
   rubocop:
     enabled: true
-    channel: rubocop-1-31-0
+    channel: rubocop-1-56-3

.github/pull_request_template.md

@@ -0,0 +1,10 @@
+
+### Description
+
+This Pull Request changes/fixes this thing
+
+### Checklist
+
+Before the PR can be merged be sure the following are checked:
+* [ ] There are tests for the fix or feature added/changed
+* [ ] A description of the changes and a reference to the PR has been added to CHANGELOG.md. More details in the [CONTRIBUTING.md](https://github.com/jwt/ruby-jwt/blob/main/CONTRIBUTING.md)

.rubocop.yml

@@ -63,3 +63,6 @@ Layout/MultilineOperationIndentation:
 
 Style/WordArray:
   Enabled: false
+
+Gemspec/DevelopmentDependencies:
+  EnforcedStyle: gemspec

.simplecov

@@ -6,7 +6,7 @@ require 'simplecov_json_formatter'
 SimpleCov.start do
   command_name "Job #{File.basename(ENV['BUNDLE_GEMFILE'])}" if ENV['BUNDLE_GEMFILE']
   project_name 'Ruby JWT - Ruby JSON Web Token implementation'
-  coverage_dir "coverage-#{::OpenSSL::Digest::SHA256.hexdigest(ENV['GITHUB_STEP_SUMMARY'])}" if ENV['GITHUB_STEP_SUMMARY']
+  coverage_dir "coverage-#{OpenSSL::Digest::SHA256.hexdigest(ENV['GITHUB_STEP_SUMMARY'])}" if ENV['GITHUB_STEP_SUMMARY']
   add_filter 'spec'
 end
 

Appraisals

@@ -1,13 +1,15 @@
 # frozen_string_literal: true
 
 appraise 'standalone' do
-  # No additions
+  remove_gem 'rubocop'
 end
 
 appraise 'openssl' do
   gem 'openssl', '~> 2.1'
+  remove_gem 'rubocop'
 end
 
 appraise 'rbnacl' do
   gem 'rbnacl', '>= 6'
+  remove_gem 'rubocop'
 end

CHANGELOG.md

@@ -17,6 +17,20 @@
 - Algorithms moved under the `::JWT::JWA` module ([@anakinj](https://github.com/anakinj))
 - Your contribution here
 
+## [v2.7.2](https://github.com/jwt/ruby-jwt/tree/v2.7.2) (NEXT)
+
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.7.1...v2.7.2)
+
+**Features:**
+
+- Updated rubocop to 1.56 [#573](https://github.com/jwt/ruby-jwt/pull/573) - [@anakinj](https://github.com/anakinj).
+- Your contribution here
+
+**Fixes and enhancements:**
+
+- Fix signature has expired error if payload is a string [#555](https://github.com/jwt/ruby-jwt/pull/555) - [@GobinathAL](https://github.com/GobinathAL).
+- Your contribution here
+
 ## [v2.7.1](https://github.com/jwt/ruby-jwt/tree/v2.8.0) (2023-06-09)
 
 [Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.7.0...v2.8.0)

Gemfile

@@ -4,4 +4,4 @@ source 'https://rubygems.org'
 
 gemspec
 
-gem 'rubocop', '< 1.32' # Keep .codeclimate.yml channel in sync with this one
+gem 'rubocop', '~> 1.56.3' # Keep .codeclimate.yml channel in sync with this one

bin/smoke.rb

@@ -3,7 +3,7 @@
 
 require 'jwt'
 
-puts "Running simple encode/decode test for #{::JWT.gem_version}"
+puts "Running simple encode/decode test for #{JWT.gem_version}"
 secret = 'secretkeyforsigning'
-token  = ::JWT.encode({ con: 'tent' }, secret, 'HS256')
-::JWT.decode(token, secret, true, algorithm: 'HS256')
+token  = JWT.encode({ con: 'tent' }, secret, 'HS256')
+JWT.decode(token, secret, true, algorithm: 'HS256')

gemfiles/openssl.gemfile

@@ -2,7 +2,6 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
 gem "openssl", "~> 2.1"
 
 gemspec path: "../"

gemfiles/rbnacl.gemfile

@@ -2,7 +2,6 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
 gem "rbnacl", ">= 6"
 
 gemspec path: "../"

gemfiles/standalone.gemfile

@@ -2,6 +2,4 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
-
 gemspec path: "../"

lib/jwt/jwk.rb

@@ -52,4 +52,4 @@ def generate_mappings
 require_relative 'jwk/ec'
 require_relative 'jwk/rsa'
 require_relative 'jwk/hmac'
-require_relative 'jwk/okp_rbnacl' if ::JWT.rbnacl?
+require_relative 'jwk/okp_rbnacl' if JWT.rbnacl?

lib/jwt/version.rb

@@ -21,7 +21,8 @@ module VERSION
 
   def self.openssl_3?
     return false if OpenSSL::OPENSSL_VERSION.include?('LibreSSL')
-    return true if OpenSSL::OPENSSL_VERSION_NUMBER >= 3 * 0x10000000
+
+    true if 3 * 0x10000000 <= OpenSSL::OPENSSL_VERSION_NUMBER
   end
 
   def self.rbnacl?

ruby-jwt.gemspec

@@ -35,5 +35,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
   spec.add_development_dependency 'simplecov'
 end

spec/configuration/jwk_configuration_spec.rb

@@ -11,7 +11,7 @@
     context 'when valid value is passed' do
       it 'sets the generator matching the value' do
         subject.kid_generator_type = :rfc7638_thumbprint
-        expect(subject.kid_generator).to eq(::JWT::JWK::Thumbprint)
+        expect(subject.kid_generator).to eq(JWT::JWK::Thumbprint)
       end
     end
   end

spec/integration/readme_examples_spec.rb

@@ -29,7 +29,7 @@
     end
 
     it 'decodes with HMAC algorithm without secret key' do
-      pending 'Different behaviour on OpenSSL 3.0 (https://github.com/openssl/openssl/issues/13089)' if ::JWT.openssl_3_hmac_empty_key_regression?
+      pending 'Different behaviour on OpenSSL 3.0 (https://github.com/openssl/openssl/issues/13089)' if JWT.openssl_3_hmac_empty_key_regression?
       token = JWT.encode payload, nil, 'HS256'
       decoded_token = JWT.decode token, nil, false
 
@@ -80,7 +80,7 @@
       end
     end
 
-    if ::Gem::Version.new(OpenSSL::VERSION) >= ::Gem::Version.new('2.1')
+    if Gem::Version.new(OpenSSL::VERSION) >= Gem::Version.new('2.1')
       it 'RSASSA-PSS' do
         rsa_private = OpenSSL::PKey::RSA.generate 2048
         rsa_public = rsa_private.public_key
@@ -414,7 +414,7 @@
     end
 
     it 'JWK with thumbprint as kid via type' do
-      JWT.configuration.jwk.kid_generator = ::JWT::JWK::Thumbprint
+      JWT.configuration.jwk.kid_generator = JWT::JWK::Thumbprint
 
       jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048))
 
@@ -424,15 +424,15 @@
     end
 
     it 'JWK with thumbprint given in the initializer (legacy)' do
-      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), kid_generator: ::JWT::JWK::Thumbprint)
+      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), kid_generator: JWT::JWK::Thumbprint)
 
       jwk_hash = jwk.export
 
       expect(jwk_hash[:kid].size).to eq(43)
     end
 
     it 'JWK with thumbprint given in the initializer' do
-      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), nil, kid_generator: ::JWT::JWK::Thumbprint)
+      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), nil, kid_generator: JWT::JWK::Thumbprint)
 
       jwk_hash = jwk.export
 
@@ -460,8 +460,8 @@ def self.verify(data:, signature:, verification_key:)
         end
       end
 
-      token = ::JWT.encode({ 'pay' => 'load' }, 'secret', custom_hs512_alg)
-      _payload, _header = ::JWT.decode(token, 'secret', true, algorithm: custom_hs512_alg)
+      token = JWT.encode({ 'pay' => 'load' }, 'secret', custom_hs512_alg)
+      _payload, _header = JWT.decode(token, 'secret', true, algorithm: custom_hs512_alg)
     end
   end
 end

spec/jwk/decode_with_jwk_spec.rb

@@ -166,7 +166,7 @@
       if defined?(RbNaCl)
         context 'when OKP keys are used' do
           before do
-            skip('Requires the rbnacl gem') unless ::JWT.rbnacl?
+            skip('Requires the rbnacl gem') unless JWT.rbnacl?
           end
 
           let(:keypair) { RbNaCl::Signatures::Ed25519::SigningKey.new(SecureRandom.hex) }

spec/jwk/okp_rbnacl_spec.rb

@@ -11,7 +11,7 @@
   subject(:instance) { described_class.new(key) }
 
   before do
-    skip('Requires the rbnacl gem') unless ::JWT.rbnacl?
+    skip('Requires the rbnacl gem') unless JWT.rbnacl?
   end
 
   describe '.new' do

spec/jwk/rsa_spec.rb

@@ -152,7 +152,7 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:e, :n) }
 
       it 'creates a valid RSA object representing a public key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(false)
       end
     end
@@ -169,7 +169,7 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:n, :e, :d, :p, :q, :dp, :dq, :qi) }
 
       it 'creates a valid RSA object representing a public key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(true)
       end
     end
@@ -180,11 +180,11 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:e, :n, :d) }
 
       before do
-        skip 'OpenSSL prior to 2.2 does not seem to support partial parameters' if ::JWT.openssl_version < ::Gem::Version.new('2.2')
+        skip 'OpenSSL prior to 2.2 does not seem to support partial parameters' if JWT.openssl_version < Gem::Version.new('2.2')
       end
 
       it 'creates a valid RSA object representing a private key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(true)
       end
 
@@ -217,7 +217,7 @@
   describe '.create_rsa_key_using_sets' do
     before do
       skip 'OpenSSL without the RSA#set_key method not supported' unless OpenSSL::PKey::RSA.new.respond_to?(:set_key)
-      skip 'OpenSSL 3.0 does not allow mutating objects anymore' if ::JWT.openssl_3?
+      skip 'OpenSSL 3.0 does not allow mutating objects anymore' if JWT.openssl_3?
     end
 
     subject(:rsa) { described_class.create_rsa_key_using_sets(rsa_parameters) }

spec/jwk_spec.rb

@@ -12,14 +12,14 @@
     subject { described_class.import(params) }
 
     it 'creates a ::JWT::JWK::RSA instance' do
-      expect(subject).to be_a ::JWT::JWK::RSA
+      expect(subject).to be_a JWT::JWK::RSA
       expect(subject.export).to eq(exported_key)
     end
 
     context 'parsed from JSON' do
       let(:params)  { exported_key }
       it 'creates a ::JWT::JWK::RSA instance from JSON parsed JWK' do
-        expect(subject).to be_a ::JWT::JWK::RSA
+        expect(subject).to be_a JWT::JWK::RSA
         expect(subject.export).to eq(exported_key)
       end
     end
@@ -53,17 +53,17 @@
 
     context 'when RSA key is given' do
       let(:keypair) { rsa_key }
-      it { is_expected.to be_a ::JWT::JWK::RSA }
+      it { is_expected.to be_a JWT::JWK::RSA }
     end
 
     context 'when secret key is given' do
       let(:keypair) { 'secret-key' }
-      it { is_expected.to be_a ::JWT::JWK::HMAC }
+      it { is_expected.to be_a JWT::JWK::HMAC }
     end
 
     context 'when EC key is given' do
       let(:keypair) { ec_key }
-      it { is_expected.to be_a ::JWT::JWK::EC }
+      it { is_expected.to be_a JWT::JWK::EC }
     end
 
     context 'when kid is given' do

spec/jwt/configuration_spec.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.describe ::JWT do
+RSpec.describe JWT do
   describe 'JWT.configure' do
     it 'yields the configuration' do
       expect { |b| described_class.configure(&b) }.to yield_with_args(described_class.configuration)

spec/jwt/jwa/ecdsa_spec.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.describe ::JWT::JWA::Ecdsa do
+RSpec.describe JWT::Algos::Ecdsa do
   describe '.curve_by_name' do
     subject { described_class.curve_by_name(curve_name) }
 

spec/jwt/jwa/hmac_spec.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.describe ::JWT::JWA::Hmac do
+RSpec.describe JWT::JWA::Hmac do
   describe '.sign' do
     subject { described_class.sign('HS256', 'test', hmac_secret) }