Skip to content

Commit

Permalink
Update verify function parameter to use some JWTAlgorithm (#152)
Browse files Browse the repository at this point in the history 
Update verify function parameter
  • Loading branch information
@ptoffy
ptoffy authored Apr 23, 2024
1 parent 3743b9e commit 1065f0b
Show file tree
Hide file tree
Showing 10 changed files with 36 additions and 36 deletions.
2 changes: 1 addition & 1 deletion Sources/JWTKit/JWTPayload.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@
/// Each variable represents a claim.
public protocol JWTPayload: Codable, Sendable {
/// Verifies that the payload's claims are correct or throws an error.
func verify(using algorithm: JWTAlgorithm) async throws
func verify(using algorithm: some JWTAlgorithm) async throws
}
2 changes: 1 addition & 1 deletion Sources/JWTKit/Vendor/AppleIdentityToken.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ public struct AppleIdentityToken: JWTPayload {
self.realUserStatus = realUserStatus
}

public func verify(using _: JWTAlgorithm) throws {
public func verify(using _: some JWTAlgorithm) throws {
guard self.issuer.value == "https://appleid.apple.com" else {
throw JWTError.claimVerificationFailure(failedClaim: issuer, reason: "Token not provided by Apple")
}
Expand Down
2 changes: 1 addition & 1 deletion Sources/JWTKit/Vendor/GoogleIdentityToken.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ public struct GoogleIdentityToken: JWTPayload {
self.nonce = nonce
}

public func verify(using _: JWTAlgorithm) throws {
public func verify(using _: some JWTAlgorithm) throws {
guard ["accounts.google.com", "https://accounts.google.com"].contains(self.issuer.value) else {
throw JWTError.claimVerificationFailure(failedClaim: issuer, reason: "Token not provided by Google")
}
Expand Down
2 changes: 1 addition & 1 deletion Sources/JWTKit/Vendor/MicrosoftIdentityToken.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ public struct MicrosoftIdentityToken: JWTPayload {
self.version = version
}

public func verify(using _: JWTAlgorithm) throws {
public func verify(using _: some JWTAlgorithm) throws {
guard let tenantId = self.tenantId.value else {
throw JWTError.claimVerificationFailure(failedClaim: tenantId, reason: "Token must contain tenant Id")
}
Expand Down
10 changes: 5 additions & 5 deletions Tests/JWTKitTests/ECDSATests.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ final class ECDSATests: XCTestCase {
func testVerifyingECDSAKeyUsingJWK() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// ecdsa key
Expand Down Expand Up @@ -117,7 +117,7 @@ final class ECDSATests: XCTestCase {
func testVerifyingECDSAKeyUsingJWKBase64URL() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// ecdsa key in base64url format
Expand Down Expand Up @@ -156,7 +156,7 @@ final class ECDSATests: XCTestCase {
func testVerifyingECDSAKeyUsingJWKWithMixedBase64Formats() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// ecdsa key in base64url format
Expand Down Expand Up @@ -198,7 +198,7 @@ final class ECDSATests: XCTestCase {
}
struct Payload: JWTPayload {
let foo: String
func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
guard foo == "bar" else {
throw NotBar(foo: foo)
}
Expand Down Expand Up @@ -231,7 +231,7 @@ final class ECDSATests: XCTestCase {
let key2 = try ES256PrivateKey(pem: key.pemRepresentation)
XCTAssertEqual(key, key2)
}

func testGetECParametersES256() async throws {
let message = "test".bytes

Expand Down
6 changes: 3 additions & 3 deletions Tests/JWTKitTests/EdDSATests.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ final class EdDSATests: XCTestCase {
func testVerifyingEdDSAKeyUsingJWK() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// ecdsa key in base64 format
Expand Down Expand Up @@ -75,7 +75,7 @@ final class EdDSATests: XCTestCase {
func testVerifyingEdDSAKeyUsingJWKBase64URL() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// eddsa key in base64url format
Expand Down Expand Up @@ -112,7 +112,7 @@ final class EdDSATests: XCTestCase {
func testVerifyingEdDSAKeyUsingJWKWithMixedBase64Formats() async throws {
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}

// eddsa key in base64url format
Expand Down
36 changes: 18 additions & 18 deletions Tests/JWTKitTests/JWTKitTests.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ class JWTKitTests: XCTestCase {
//
// Since we have an ExpirationClaim, we will
// call its verify method.
func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
try expiration.verifyNotExpired()
}
}
Expand Down Expand Up @@ -133,7 +133,7 @@ class JWTKitTests: XCTestCase {
var admin: Bool
var iat: IssuedAtClaim

func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
// no verifiable claims
}
}
Expand Down Expand Up @@ -235,7 +235,7 @@ class JWTKitTests: XCTestCase {
}
struct Payload: JWTPayload {
let foo: String
func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
guard foo == "bar" else {
throw NotBar(foo: foo)
}
Expand Down Expand Up @@ -270,7 +270,7 @@ class JWTKitTests: XCTestCase {
), kid: "vapor")
struct Foo: JWTPayload {
var bar: Int
func verify(using _: JWTAlgorithm) throws {}
func verify(using _: some JWTAlgorithm) throws {}
}
let jwt = try await keyCollection.sign(Foo(bar: 42), kid: "vapor")

Expand Down Expand Up @@ -413,7 +413,7 @@ class JWTKitTests: XCTestCase {
XCTAssertEqual(error.errorType, .malformedToken)
}
}

func testCustomHeaderFields() async throws {
let keyCollection = await JWTKeyCollection().addHS256(key: "secret".bytes)

Expand Down Expand Up @@ -451,7 +451,7 @@ class JWTKitTests: XCTestCase {

func testSampleOpenbankingHeader() async throws {
let keyCollection = await JWTKeyCollection().addHS256(key: "secret".bytes)

// https://openbanking.atlassian.net/wiki/spaces/DZ/pages/937656404/Read+Write+Data+API+Specification+-+v3.1
let customFields: JWTHeader = [
"kid": "90210ABAD",
Expand All @@ -465,16 +465,16 @@ class JWTKitTests: XCTestCase {
"http://openbanking.org.uk/tan",
],
]

let payload = TestPayload(
sub: "vapor",
name: "Foo",
admin: false,
exp: .init(value: .init(timeIntervalSince1970: 2_000_000_000))
)

let token = try await keyCollection.sign(payload, header: customFields)

let parsed = try DefaultJWTParser().parse(token.bytes, as: TestPayload.self)
let iat = parsed.header[dynamicMember: "http://openbanking.org.uk/iat"]?.asInt
XCTAssertEqual(iat, 1_501_497_671)
Expand All @@ -488,7 +488,7 @@ class JWTKitTests: XCTestCase {

func testSigningWithKidInHeader() async throws {
let key = ES256PrivateKey()

let keyCollection = await JWTKeyCollection()
.addES256(key: key, kid: "private")
.addES256(key: key.publicKey, kid: "public")
Expand All @@ -498,33 +498,33 @@ class JWTKitTests: XCTestCase {
admin: false,
exp: .init(value: .init(timeIntervalSince1970: 2_000_000_000))
)

let _ = try await keyCollection.sign(payload, header: ["kid": "private"])
await XCTAssertThrowsErrorAsync(try await keyCollection.sign(payload, header: ["kid": "public"]))
let _ = try await keyCollection.sign(payload, kid: "private")
await XCTAssertThrowsErrorAsync(try await keyCollection.sign(payload, kid: "public"))

let _ = try await keyCollection.sign(payload, kid: "private", header: ["kid": "public"])
await XCTAssertThrowsErrorAsync(try await keyCollection.sign(payload, kid: "public", header: ["kid": "private"]))
}

func testCustomObjectHeader() async throws {
let keyCollection = await JWTKeyCollection().addHS256(key: "secret".bytes)

let customFields: JWTHeader = [
"kid": "some-kid",
"foo": ["bar": "baz"],
]

let payload = TestPayload(
sub: "vapor",
name: "Foo",
admin: false,
exp: .init(value: .init(timeIntervalSince1970: 2_000_000_000))
)

let token = try await keyCollection.sign(payload, header: customFields)

let parsed = try DefaultJWTParser().parse(token.bytes, as: TestPayload.self)
let foo = try parsed.header.foo?.asObject(of: String.self)
XCTAssertEqual(foo, ["bar": "baz"])
Expand Down Expand Up @@ -560,7 +560,7 @@ struct BadBoolPayload: Decodable {
struct ExpirationPayload: JWTPayload {
var exp: ExpirationClaim

func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
try exp.verifyNotExpired()
}
}
Expand Down Expand Up @@ -634,7 +634,7 @@ struct FirebasePayload: JWTPayload, Equatable {
let issuedAt: IssuedAtClaim
let expiration: ExpirationClaim

func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
try expiration.verifyNotExpired(currentDate: .distantPast)
}
}
Expand Down
2 changes: 1 addition & 1 deletion Tests/JWTKitTests/PSSTests.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ final class PSSTests: XCTestCase {
}
struct Payload: JWTPayload {
var foo: String
func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
guard foo == "bar" else {
throw NotBar(foo: foo)
}
Expand Down
2 changes: 1 addition & 1 deletion Tests/JWTKitTests/Utils/TestPayload.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ struct TestPayload: JWTPayload, Equatable {
var admin: Bool
var exp: ExpirationClaim

func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
try exp.verifyNotExpired()
}
}
8 changes: 4 additions & 4 deletions Tests/JWTKitTests/X5CTests.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ final class X5CTests: XCTestCase {
let signedDate: Date
let notificationType: String

func verify(using _: JWTAlgorithm) async throws {}
func verify(using _: some JWTAlgorithm) async throws {}
}

let verifier = try X5CVerifier(rootCertificates: [cert])
Expand Down Expand Up @@ -205,7 +205,7 @@ final class X5CTests: XCTestCase {
XCTFail("Should not have validated")
}
}

func testSigningWithX5CChain() async throws {
let keyCollection = try await JWTKeyCollection().addES256(key: ES256PrivateKey(pem: x5cLeafCertKey))

Expand Down Expand Up @@ -249,7 +249,7 @@ final class X5CTests: XCTestCase {
let verifier = try X5CVerifier(rootCertificates: [certs.last!])
await XCTAssertThrowsErrorAsync(try await verifier.verifyJWS(token, as: TestPayload.self))
}

// MARK: Private

private func getPEMString(from der: String) throws -> String {
Expand Down Expand Up @@ -370,7 +370,7 @@ let intermediate = try! Certificate(derEncoded: Array(Data(base64Encoded: "MIIBn
private struct TokenPayload: JWTPayload {
var cool: BoolClaim

func verify(using _: JWTAlgorithm) throws {
func verify(using _: some JWTAlgorithm) throws {
if !cool.value {
throw JWTError.claimVerificationFailure(failedClaim: cool, reason: "not cool")
}
Expand Down

0 comments on commit 1065f0b

Please sign in to comment.