gitlab-org--gitlab-foss

History

Stan Hu 34f51dee0d Set the JWT algorithm to RS256 in decode specs By default, the JWT decode only allows HS256 mode (HMAC using SHA-256 hash algorithm). The specs using RSA tokens failed per https://github.com/jwt/ruby-jwt#algorithms-and-usage: It is strongly recommended that you hard code the algorithm, as you may leave yourself vulnerable by dynamically picking the algorithm.	2018-12-29 06:20:04 -08:00
..
container_registry_authentication_service_spec.rb	Set the JWT algorithm to RS256 in decode specs	2018-12-29 06:20:04 -08:00

Stan Hu 34f51dee0d Set the JWT algorithm to RS256 in decode specs

By default, the JWT decode only allows HS256 mode (HMAC using SHA-256
hash algorithm). The specs using RSA tokens failed per
https://github.com/jwt/ruby-jwt#algorithms-and-usage:

It is strongly recommended that you hard code the algorithm, as you may
leave yourself vulnerable by dynamically picking the algorithm.

2018-12-29 06:20:04 -08:00

container_registry_authentication_service_spec.rb

Set the JWT algorithm to RS256 in decode specs

2018-12-29 06:20:04 -08:00