From 9735b787a400de116e3679872c4cff3c42e56b13 Mon Sep 17 00:00:00 2001 From: nick evans Date: Thu, 3 Oct 2024 13:56:23 -0400 Subject: [PATCH] Switch to updated jwt gem API --- lib/omniauth/strategies/yahoo_oauth2.rb | 16 +++++----------- omniauth-yahoo-oauth2.gemspec | 1 + 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/lib/omniauth/strategies/yahoo_oauth2.rb b/lib/omniauth/strategies/yahoo_oauth2.rb index c61fd52..2a010c0 100644 --- a/lib/omniauth/strategies/yahoo_oauth2.rb +++ b/lib/omniauth/strategies/yahoo_oauth2.rb @@ -132,17 +132,11 @@ def decode_info_token # We have to manually verify the claims because the third parameter to # JWT.decode is false since no verification key is provided. - ::JWT::Verify.verify_claims(decoded, - verify_iss: true, - iss: options.allowed_jwt_issuers, - verify_aud: true, - aud: options.client_id, - verify_sub: false, - verify_expiration: true, - verify_not_before: true, - verify_iat: true, - verify_jti: false, - leeway: options[:jwt_leeway]) + ::JWT::Claims.verify_payload!(decoded, + iss: options.allowed_jwt_issuers, + aud: options.client_id, + exp: { leeway: options.jwt_leeway }, + nbf: { leeway: options.jwt_leeway }) decoded end diff --git a/omniauth-yahoo-oauth2.gemspec b/omniauth-yahoo-oauth2.gemspec index be8de0f..2205379 100644 --- a/omniauth-yahoo-oauth2.gemspec +++ b/omniauth-yahoo-oauth2.gemspec @@ -3,6 +3,7 @@ require File.expand_path(File.join('..', 'lib', 'omniauth', 'yahoo_oauth2', 'ver Gem::Specification.new do |gem| gem.add_runtime_dependency 'omniauth', '>= 1.1' gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.1' + gem.add_runtime_dependency 'jwt', '~> 2.9.2' gem.add_development_dependency 'bundler', '~> 1.0' gem.authors = ['Amir Manji']