Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | View is partitioned if db and view are partitioneddont-crash-dbview-partitioned | Robert Newson | 2020-03-16 | 1 | -10/+1 |
| | | | | | | | We've seen a crash if DbPartitioned is false and ViewPartitioned is true, which is obviously nonsense. The effect of the `nocase` is the termination of the couch_index_server gen_server, which is a serious amplification of a small (user-initiated) oddity. | ||||
* | Merge pull request #2668 from apache/jwtf-unknown-checks | Robert Newson | 2020-03-16 | 2 | -0/+23 |
|\ | | | | | Throw if an unknown check is passed to jwtf:decode | ||||
| * | Throw if an unknown check is passed to jwtf:decode | Robert Newson | 2020-03-16 | 2 | -0/+23 |
|/ | |||||
* | Port elixir proxyauth tests from js to elixir (#2660) | Juanjo Rodriguez | 2020-03-16 | 9 | -32/+227 |
| | | | | * Add support for specify a custom config file for CouchDB startup during testing * Port proxyauth test from js to elixir | ||||
* | Merge pull request #2661 from apache/jwtf-enhance-alg-check | Robert Newson | 2020-03-13 | 2 | -4/+15 |
|\ | | | | | Enhance alg check | ||||
| * | Enhance alg checkjwtf-enhance-alg-check | Robert Newson | 2020-03-13 | 2 | -4/+15 |
|/ | | | | | The "alg" check can now take list of algorithms that are supported, which must be from the valid list of algorithms. | ||||
* | Merge pull request #2658 from apache/import-jwtf | Robert Newson | 2020-03-12 | 9 | -0/+854 |
|\ | | | | | Import jwtf | ||||
| * | add jwtf to releaseimport-jwtf | Robert Newson | 2020-03-12 | 2 | -0/+3 |
| | | |||||
| * | merged jwtf into src/jwtf | Robert Newson | 2020-03-12 | 7 | -0/+851 |
| |\ | |||||
| | * | Merge pull request #12 from cloudant/handle-malformed-token | Jay Doane | 2020-03-11 | 3 | -9/+41 |
| | |\ | | | | | | | | | Handle malformed tokens with jiffy 1.x | ||||
| | | * | Handle malformed tokens with jiffy 1.x | Jay Doane | 2020-03-11 | 2 | -9/+39 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent changes in how `jiffy:decode/1` handles malformed JSON has caused `jwtf:decode/3` to fail to properly return a bad request 400 response for some malformed tokens. First, this changes the name of the function to `decode_b64url_json/1`, indicating that it decodes something that has been first been JSON encoded, and then base64url encoded. More substantially, it wraps both the base64url and jiffy decoding in a try/catch block, since both can throw errors, while the former can also return an error tuple. Tests have been added to ensure all code paths are covered. | ||||
| | | * | Enable code coverage | Jay Doane | 2020-03-11 | 1 | -0/+2 |
| | |/ | |||||
| | * | Create LICENSE | Robert Newson | 2020-03-10 | 1 | -0/+176 |
| | | | |||||
| | * | Merge pull request #11 from cloudant/separate-test-module | Jay Doane | 2017-08-14 | 2 | -253/+292 |
| | |\ | | | | | | | | | Separate tests into dedicated module | ||||
| | | * | Separate tests into dedicated module | Jay Doane | 2017-08-11 | 2 | -253/+292 |
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | Currently jwtf tests don't run in a continuous integration environment, presumably due to dependency rules. This splits the tests into their own module, but requires exposing a couple new functions in jwtf to support them. Some long lines were also broken into smaller lengths. | ||||
| | * | Merge pull request #10 from cloudant/move-key-cache | Jay Doane | 2017-08-08 | 4 | -251/+0 |
| | |\ | | | | | | | | | Move key cache to epep | ||||
| | | * | Move key cache to epep application | Jay Doane | 2017-08-07 | 4 | -251/+0 |
| | |/ | |||||
| | * | Suppress compiler warnings | Jay Doane | 2017-06-20 | 1 | -2/+2 |
| | | | |||||
| | * | Merge pull request #3 from jaydoane/simplify-tests | Jay Doane | 2017-06-19 | 1 | -3/+3 |
| | |\ | | | | | | | | | Simplify tests | ||||
| | | * | Make time explicitly in future | Jay Doane | 2017-06-19 | 1 | -1/+1 |
| | | | | |||||
| | | * | Remove unnecessary props | Jay Doane | 2017-06-19 | 1 | -2/+2 |
| | |/ | |||||
| | * | get_keyset needs ssl started | Robert Newson | 2017-06-16 | 1 | -0/+1 |
| | | | |||||
| | * | remove dependency on openssl commands | Robert Newson | 2017-06-15 | 2 | -83/+32 |
| | | | |||||
| | * | throw errors that chttpd:error_info can understand | Robert Newson | 2017-06-15 | 2 | -40/+44 |
| | | | |||||
| | * | move error wrapping to decode function | Robert Newson | 2017-06-15 | 1 | -20/+20 |
| | | | |||||
| | * | Return error from update_cache | Robert Newson | 2017-06-15 | 1 | -2/+6 |
| | | | |||||
| | * | Ensure error reason is convertable to JSON | Robert Newson | 2017-06-09 | 1 | -6/+6 |
| | | | |||||
| | * | Merge pull request #6 from cloudant/implement-encode | Jay Doane | 2017-06-08 | 2 | -42/+199 |
| | |\ | | | | | | | | | Implement encode | ||||
| | | * | Support JWT encoding | Jay Doane | 2017-06-08 | 1 | -42/+117 |
| | | | | | | | | | | | | | | | | | | | | Implement jwtf:encode/3 for encoding JSON Web Tokens. Test encode/decode round trip for each supported alg. | ||||
| | | * | Generate rsa private keys and keypairs | Jay Doane | 2017-06-08 | 1 | -0/+82 |
| | |/ | |||||
| | * | Merge pull request #5 from jaydoane/improve-restart-strategy | Robert Newson | 2017-05-30 | 1 | -1/+1 |
| | |\ | | | | | | | | | Improve restart strategy | ||||
| | | * | Improve restart strategy | Jay Doane | 2017-05-29 | 1 | -1/+1 |
| | |/ | | | | | | | | | | Tolerate 5 crashes per 10 seconds | ||||
| | * | Improve pubkey not found error handling (#4) | Jay Doane | 2017-05-24 | 1 | -0/+9 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Improve pubkey not found error handling When the public key identified by the {Alg, KID} tuple is not found on the IAM keystore server, it's possible to see errors like: (node1@127.0.0.1)140> epep:jwt_decode(SampleJWT). ** exception error: no function clause matching public_key:do_verify(<<"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjIwMTcwNTIwLTAwOjAwOjAwIn0.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjEyMzIx"...>>, sha256, <<229,188,162,247,201,233,118,32,115,206,156, 169,17,221,78,157,161,147,46,179,42,219,66, 15,139,91,...>>, {error,not_found}) (public_key.erl, line 782) in function jwtf:public_key_verify/4 (src/jwtf.erl, line 212) in call from jwtf:decode/3 (src/jwtf.erl, line 30) Modify key/1 and public_key_not_found_test/0 to account for keystore changing from returning an error tuple to throwing one. | ||||
| | * | require alg+kid for key lookup | Robert Newson | 2017-05-12 | 1 | -7/+8 |
| | | | |||||
| | * | add ibrowse as dep | Robert Newson | 2017-05-12 | 1 | -0/+1 |
| | | | |||||
| | * | provide caching of JWKS keys | Robert Newson | 2017-05-11 | 4 | -0/+119 |
| | | | |||||
| | * | IAT validation requires it to be a number, any number | Robert Newson | 2017-05-11 | 1 | -4/+6 |
| | | | |||||
| | * | add tests for HS384 and HS512 | Robert Newson | 2017-05-11 | 1 | -2/+26 |
| | | | |||||
| | * | fix test | Robert Newson | 2017-05-10 | 1 | -1/+1 |
| | | | |||||
| | * | test EC | Robert Newson | 2017-05-10 | 1 | -5/+16 |
| | | | |||||
| | * | return a public key tuple | Robert Newson | 2017-05-10 | 1 | -3/+6 |
| | | | |||||
| | * | update alg list | Robert Newson | 2017-05-10 | 1 | -1/+7 |
| | | | |||||
| | * | support P-256 in JWKS | Robert Newson | 2017-05-10 | 1 | -1/+13 |
| | | | |||||
| | * | expand algorithm support | Robert Newson | 2017-05-10 | 2 | -18/+86 |
| | | | |||||
| | * | slightly improve readme | Robert Newson | 2017-05-09 | 1 | -2/+4 |
| | | | |||||
| | * | allow iss to be optional | Robert Newson | 2017-05-09 | 1 | -1/+3 |
| | | | |||||
| | * | make jwks simpler, caching can happen elsewhere | Robert Newson | 2017-05-09 | 3 | -108/+4 |
| | | | |||||
| | * | Add stats, don't wipe cache on error | Robert Newson | 2017-05-09 | 3 | -14/+30 |
| | | | |||||
| | * | some documentation | Robert Newson | 2017-05-09 | 2 | -0/+15 |
| | | | |||||
| | * | kid belongs in the header | Robert Newson | 2017-05-09 | 1 | -9/+9 |
| | | |