gitlab-org--gitlab-foss/lib/json_web_token/hmac_token.rb

# frozen_string_literal: true

require 'jwt'

module JSONWebToken
  class HMACToken < Token
    IAT_LEEWAY = 60
    JWT_ALGORITHM = 'HS256'

    def initialize(secret)
      super()

      @secret = secret
    end

    def self.decode(token, secret, leeway: IAT_LEEWAY, verify_iat: true)
      JWT.decode(token, secret, true, leeway: leeway, verify_iat: verify_iat, algorithm: JWT_ALGORITHM)
    end

    def encoded
      JWT.encode(payload, secret, JWT_ALGORITHM, { typ: 'JWT' })
    end

    private

    attr_reader :secret
  end
end
Relocate JSONWebToken::HMACToken from EE 2018-11-08 04:28:13 -05:00			`# frozen_string_literal: true`

			`require 'jwt'`

			`module JSONWebToken`
			`class HMACToken < Token`
			`IAT_LEEWAY = 60`
			`JWT_ALGORITHM = 'HS256'`

			`def initialize(secret)`
			`super()`

			`@secret = secret`
			`end`

			`def self.decode(token, secret, leeway: IAT_LEEWAY, verify_iat: true)`
			`JWT.decode(token, secret, true, leeway: leeway, verify_iat: verify_iat, algorithm: JWT_ALGORITHM)`
			`end`

			`def encoded`
Add typ header back into JWT payload ruby-jwt v2.0 removed the `typ` header in https://github.com/jwt/ruby-jwt/commit/cc41d53e00f8cbf015271b53f5ad761bd6ac2312. To ensure tokens don't get marked invalid during an upgrade, add it back to ensure backwards compatibility. 2018-12-29 03:07:45 -05:00			`JWT.encode(payload, secret, JWT_ALGORITHM, { typ: 'JWT' })`
Relocate JSONWebToken::HMACToken from EE 2018-11-08 04:28:13 -05:00			`end`

			`private`

			`attr_reader :secret`
			`end`
			`end`