summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* View is partitioned if db and view are partitioneddont-crash-dbview-partitionedRobert Newson2020-03-161-10/+1
| | | | | | | We've seen a crash if DbPartitioned is false and ViewPartitioned is true, which is obviously nonsense. The effect of the `nocase` is the termination of the couch_index_server gen_server, which is a serious amplification of a small (user-initiated) oddity.
* Merge pull request #2668 from apache/jwtf-unknown-checksRobert Newson2020-03-162-0/+23
|\ | | | | Throw if an unknown check is passed to jwtf:decode
| * Throw if an unknown check is passed to jwtf:decodeRobert Newson2020-03-162-0/+23
|/
* Port elixir proxyauth tests from js to elixir (#2660)Juanjo Rodriguez2020-03-169-32/+227
| | | | * Add support for specify a custom config file for CouchDB startup during testing * Port proxyauth test from js to elixir
* Merge pull request #2661 from apache/jwtf-enhance-alg-checkRobert Newson2020-03-132-4/+15
|\ | | | | Enhance alg check
| * Enhance alg checkjwtf-enhance-alg-checkRobert Newson2020-03-132-4/+15
|/ | | | | The "alg" check can now take list of algorithms that are supported, which must be from the valid list of algorithms.
* Merge pull request #2658 from apache/import-jwtfRobert Newson2020-03-129-0/+854
|\ | | | | Import jwtf
| * add jwtf to releaseimport-jwtfRobert Newson2020-03-122-0/+3
| |
| * merged jwtf into src/jwtfRobert Newson2020-03-127-0/+851
| |\
| | * Merge pull request #12 from cloudant/handle-malformed-tokenJay Doane2020-03-113-9/+41
| | |\ | | | | | | | | Handle malformed tokens with jiffy 1.x
| | | * Handle malformed tokens with jiffy 1.xJay Doane2020-03-112-9/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent changes in how `jiffy:decode/1` handles malformed JSON has caused `jwtf:decode/3` to fail to properly return a bad request 400 response for some malformed tokens. First, this changes the name of the function to `decode_b64url_json/1`, indicating that it decodes something that has been first been JSON encoded, and then base64url encoded. More substantially, it wraps both the base64url and jiffy decoding in a try/catch block, since both can throw errors, while the former can also return an error tuple. Tests have been added to ensure all code paths are covered.
| | | * Enable code coverageJay Doane2020-03-111-0/+2
| | |/
| | * Create LICENSERobert Newson2020-03-101-0/+176
| | |
| | * Merge pull request #11 from cloudant/separate-test-moduleJay Doane2017-08-142-253/+292
| | |\ | | | | | | | | Separate tests into dedicated module
| | | * Separate tests into dedicated moduleJay Doane2017-08-112-253/+292
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | Currently jwtf tests don't run in a continuous integration environment, presumably due to dependency rules. This splits the tests into their own module, but requires exposing a couple new functions in jwtf to support them. Some long lines were also broken into smaller lengths.
| | * Merge pull request #10 from cloudant/move-key-cacheJay Doane2017-08-084-251/+0
| | |\ | | | | | | | | Move key cache to epep
| | | * Move key cache to epep applicationJay Doane2017-08-074-251/+0
| | |/
| | * Suppress compiler warningsJay Doane2017-06-201-2/+2
| | |
| | * Merge pull request #3 from jaydoane/simplify-testsJay Doane2017-06-191-3/+3
| | |\ | | | | | | | | Simplify tests
| | | * Make time explicitly in futureJay Doane2017-06-191-1/+1
| | | |
| | | * Remove unnecessary propsJay Doane2017-06-191-2/+2
| | |/
| | * get_keyset needs ssl startedRobert Newson2017-06-161-0/+1
| | |
| | * remove dependency on openssl commandsRobert Newson2017-06-152-83/+32
| | |
| | * throw errors that chttpd:error_info can understandRobert Newson2017-06-152-40/+44
| | |
| | * move error wrapping to decode functionRobert Newson2017-06-151-20/+20
| | |
| | * Return error from update_cacheRobert Newson2017-06-151-2/+6
| | |
| | * Ensure error reason is convertable to JSONRobert Newson2017-06-091-6/+6
| | |
| | * Merge pull request #6 from cloudant/implement-encodeJay Doane2017-06-082-42/+199
| | |\ | | | | | | | | Implement encode
| | | * Support JWT encodingJay Doane2017-06-081-42/+117
| | | | | | | | | | | | | | | | | | | | Implement jwtf:encode/3 for encoding JSON Web Tokens. Test encode/decode round trip for each supported alg.
| | | * Generate rsa private keys and keypairsJay Doane2017-06-081-0/+82
| | |/
| | * Merge pull request #5 from jaydoane/improve-restart-strategyRobert Newson2017-05-301-1/+1
| | |\ | | | | | | | | Improve restart strategy
| | | * Improve restart strategyJay Doane2017-05-291-1/+1
| | |/ | | | | | | | | | Tolerate 5 crashes per 10 seconds
| | * Improve pubkey not found error handling (#4)Jay Doane2017-05-241-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Improve pubkey not found error handling When the public key identified by the {Alg, KID} tuple is not found on the IAM keystore server, it's possible to see errors like: (node1@127.0.0.1)140> epep:jwt_decode(SampleJWT). ** exception error: no function clause matching public_key:do_verify(<<"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjIwMTcwNTIwLTAwOjAwOjAwIn0.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjEyMzIx"...>>, sha256, <<229,188,162,247,201,233,118,32,115,206,156, 169,17,221,78,157,161,147,46,179,42,219,66, 15,139,91,...>>, {error,not_found}) (public_key.erl, line 782) in function jwtf:public_key_verify/4 (src/jwtf.erl, line 212) in call from jwtf:decode/3 (src/jwtf.erl, line 30) Modify key/1 and public_key_not_found_test/0 to account for keystore changing from returning an error tuple to throwing one.
| | * require alg+kid for key lookupRobert Newson2017-05-121-7/+8
| | |
| | * add ibrowse as depRobert Newson2017-05-121-0/+1
| | |
| | * provide caching of JWKS keysRobert Newson2017-05-114-0/+119
| | |
| | * IAT validation requires it to be a number, any numberRobert Newson2017-05-111-4/+6
| | |
| | * add tests for HS384 and HS512Robert Newson2017-05-111-2/+26
| | |
| | * fix testRobert Newson2017-05-101-1/+1
| | |
| | * test ECRobert Newson2017-05-101-5/+16
| | |
| | * return a public key tupleRobert Newson2017-05-101-3/+6
| | |
| | * update alg listRobert Newson2017-05-101-1/+7
| | |
| | * support P-256 in JWKSRobert Newson2017-05-101-1/+13
| | |
| | * expand algorithm supportRobert Newson2017-05-102-18/+86
| | |
| | * slightly improve readmeRobert Newson2017-05-091-2/+4
| | |
| | * allow iss to be optionalRobert Newson2017-05-091-1/+3
| | |
| | * make jwks simpler, caching can happen elsewhereRobert Newson2017-05-093-108/+4
| | |
| | * Add stats, don't wipe cache on errorRobert Newson2017-05-093-14/+30
| | |
| | * some documentationRobert Newson2017-05-092-0/+15
| | |
| | * kid belongs in the headerRobert Newson2017-05-091-9/+9
| | |
View Lorry Controller Status