From 4bed3b42e03155d8b9a736a85921e214e21d3490 Mon Sep 17 00:00:00 2001 From: Tim Rudat Date: Sun, 3 Sep 2017 01:44:00 +0200 Subject: [PATCH] Fix encode issue with array payload If a array payload is given the 'exp' claim check will be skipped. Refacor methods to make use of instance variables and avoid multiple method calls. Fixes #188. --- lib/jwt/encode.rb | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/lib/jwt/encode.rb b/lib/jwt/encode.rb index e2358fe7..e3ac370f 100644 --- a/lib/jwt/encode.rb +++ b/lib/jwt/encode.rb @@ -22,31 +22,30 @@ def initialize(payload, key, algorithm, header_fields) private - def encoded_header(algorithm, header_fields) - header = { 'alg' => algorithm }.merge(header_fields) + def encoded_header + header = { 'alg' => @algorithm }.merge(@header_fields) Encode.base64url_encode(JSON.generate(header)) end - def encoded_payload(payload) - raise InvalidPayload, 'exp claim must be an integer' if payload && payload['exp'] && !payload['exp'].is_a?(Integer) - Encode.base64url_encode(JSON.generate(payload)) + def encoded_payload + raise InvalidPayload, 'exp claim must be an integer' if @payload && !@payload.is_a?(Array) && @payload.key?('exp') && !@payload['exp'].is_a?(Integer) + Encode.base64url_encode(JSON.generate(@payload)) end - def encoded_signature(signing_input, key, algorithm) - if algorithm == 'none' + def encoded_signature(signing_input) + if @algorithm == 'none' '' else - signature = JWT::Signature.sign(algorithm, signing_input, key) + signature = JWT::Signature.sign(@algorithm, signing_input, @key) Encode.base64url_encode(signature) end end def encode_segments - segments = [] - segments << encoded_header(@algorithm, @header_fields) - segments << encoded_payload(@payload) - segments << encoded_signature(segments.join('.'), @key, @algorithm) - segments.join('.') + header = encoded_header + payload = encoded_payload + signature = encoded_signature([header, payload].join('.')) + [header, payload, signature].join('.') end end end