Merge branch 'jonasabreu-consistent-verification' #20

2015-09-18 22:29:06 +09:00 · 2015-09-18 22:29:06 +09:00 · 8a33982450
commit 8a33982450
parent 0c139bbd9e 8d4778a20a
3 changed files with 13 additions and 13 deletions
--- a/project.clj
+++ b/project.clj
@ -1,13 +1,13 @@
-(defproject clj-jwt "0.1.0"
+(defproject clj-jwt "0.1.1"
  :description  "Clojure library for JSON Web Token(JWT)"
  :url          "https://github.com/liquidz/clj-jwt"
  :license      {:name "Eclipse Public License"
                 :url "http://www.eclipse.org/legal/epl-v10.html"}
-  :dependencies [[org.clojure/clojure "1.6.0"]
+  :dependencies [[org.clojure/clojure "1.7.0"]
                 [org.clojure/data.json "0.2.6"]
                 [org.clojure/data.codec "0.1.0"]
                 [org.bouncycastle/bcpkix-jdk15on "1.52"]
                 [crypto-equality "1.0.0"]
-                 [clj-time "0.9.0"]]
-  :profiles {:dev {:dependencies [[midje "1.6.3"  :exclusions [org.clojure/clojure]]]}}
+                 [clj-time "0.11.0"]]
+  :profiles {:dev {:dependencies [[midje "1.7.0"  :exclusions [org.clojure/clojure]]]}}
  :plugins  [[lein-midje "3.1.3"]])
--- a/src/clj_jwt/core.clj
+++ b/src/clj_jwt/core.clj
@ -14,7 +14,7 @@
                                       url-safe-decode-str))
 (defn- update-map [m k f] (if (contains? m k) (update-in m [k] f) m))

-(defrecord JWT [header claims signature])
+(defrecord JWT [header claims signature encoded-data])

 ; ----------------------------------
 ; JsonWebToken
@ -62,7 +62,7 @@
     (let [this*   (set-alg this alg)
           sign-fn (get-signature-fn alg)
           data    (str (encoded-header this*) "." (encoded-claims this*))]
-       (assoc this* :signature (sign-fn key data)))))
+       (assoc this* :signature (sign-fn key data) :encoded-data data))))

  (verify
    ([this] (verify this ""))
@ -72,9 +72,8 @@
         (= :none alg) (= "" key (:signature this))

         (supported-algorithm? alg)
-         (let [verify-fn (get-verify-fn alg)
-               data    (str (encoded-header this) "." (encoded-claims this))]
-           (verify-fn key data (:signature this)))
+         (let [verify-fn (get-verify-fn alg)]
+           (verify-fn key (:encoded-data this) (:signature this)))

         :else (throw (Exception. "Unkown signature")))))
    ([this algorithm key]
@ -83,7 +82,7 @@
       false))))

 ; =jwt
-(defn jwt [claim] (init (->JWT "" "" "") claim))
+(defn jwt [claim] (init (->JWT "" "" "" "") claim))

 ; =str->jwt
 (defn str->jwt
@ -91,4 +90,5 @@
  (let [[header claims signature] (str/split jwt-string #"\.")]
    (->JWT (encoded-json->map header)
           (encoded-json->map claims)
-           (or signature ""))))
+           (or signature "")
+           (str header "." claims))))
--- a/test/clj_jwt/core_test.clj
+++ b/test/clj_jwt/core_test.clj
@ -98,8 +98,8 @@

 (facts "JWT verify"
  (fact "Unknown signature algorithm should be thrown exception."
-    (verify (->JWT {:typ "JWT" :alg "DUMMY"} claim ""))    => (throws Exception)
-    (verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "") "") => (throws Exception))
+    (verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" ""))    => (throws Exception)
+    (verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" "") "") => (throws Exception))

  (fact "Plain JWT should be verified."
    (-> claim jwt verify)                             => true