Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[86] Ignore [String] JWK parameters #116

Merged
6 commits merged into from
Oct 18, 2018
Merged

[86] Ignore [String] JWK parameters #116

6 commits merged into from
Oct 18, 2018

Conversation

xavierLowmiller
Copy link
Contributor

Description

(Fixes #86)

This pull request provides a workaround for the x5c parameter, which isn't a String but an Array of Strings ([String]).
The current behavior is to throw an error when serializing.

Please note that this is just a workaround for #86 and does not do any certificate validation (as planned in #57).

@ghost ghost requested review from a user and carol-mohemian October 17, 2018 07:08
@ghost ghost assigned xavierLowmiller Oct 17, 2018
ghost
ghost suggested changes Oct 17, 2018
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @xaverlohmueller, 👋

thanks so much for implementing this workaround. Sorry for the late reply we had a quite busy start of the week.

It already looks really good! Please have a look at my comments and tell me what you think. 🙂 Afterward we'll merge and release a new version with this workaround.

JOSESwift/Sources/RSAKeyCodable.swift Outdated
@@ -62,7 +62,7 @@ extension RSAPublicKey: Decodable {

// Other common parameters are optional.
var parameters: [String: String] = [:]
for key in commonParameters.allKeys {
for key in commonParameters.allKeys where key != .X509CertificateChain {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please also ignore the keyOperations parameter, it is an array of strings as well.

Suggested change
for key in commonParameters.allKeys where key != .X509CertificateChain {
for key in commonParameters.allKeys where key != .X509CertificateChain && key != .keyOperations {

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be awesome if you could also add the workaround to the decoding of RSAPrivateKey here.

Tests/JWKx5cTests.swift Outdated
@testable import JOSESwift

class JWKx5cTests: XCTestCase {
func testBuildingJWKSetShouldNotFailIfCertificatesArePresent() {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test would probably fit nicely into JWKRSADecodingTests.swift.

@ghost ghost mentioned this pull request Oct 17, 2018
Open
@xavierLowmiller
Copy link
Contributor Author

Hey, thanks for your review and suggestions for improvement!

I implemented the requested changes.

@ghost ghost mentioned this pull request Oct 17, 2018
Merged
ghost
ghost suggested changes Oct 17, 2018
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @xaverlohmueller for the update to the pull request. Just one more thing: Please also ignore the keyOperations parameter (it is a string array as well) to prevent the same bug from happening there. See my comments. 🙂

JOSESwift/Sources/RSAKeyCodable.swift Outdated Show resolved Hide resolved
JOSESwift/Sources/RSAKeyCodable.swift Outdated
@@ -119,7 +119,7 @@ extension RSAPrivateKey: Decodable {

// Other common parameters are optional.
var parameters: [String: String] = [:]
for key in commonParameters.allKeys {
for key in commonParameters.allKeys where key != .X509CertificateChain {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be awesome if you could also ignore the keyOperations parameter here and in the public key decoding.

Suggested change
for key in commonParameters.allKeys where key != .X509CertificateChain {
for key in commonParameters.allKeys where key != .X509CertificateChain && key != .keyOperations {

ghost
ghost approved these changes Oct 18, 2018
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome! Let's get this merged. ✅

@ghost ghost changed the title Fix #86: Serialization with certificates [86] Ignore [String] JWK parameters Oct 18, 2018
@ghost ghost merged commit cfdbf05 into airsidemobile:master Oct 18, 2018
@xavierLowmiller xavierLowmiller deleted the #86 branch October 18, 2018 08:53
@xavierLowmiller
Copy link
Contributor Author

Awesome!

@carol-mohemian
Copy link
Contributor

Thanks for your contribution @xaverlohmueller from my side as well! 👏

Just FYI: A new version with the merged changes will be released during the day.

@carol-mohemian carol-mohemian mentioned this pull request Oct 18, 2018
Merged
@ghost
Copy link

ghost commented Oct 18, 2018

The 1.3.1 release is now live on CocoaPods! 🎉

This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@carol-mohemian carol-mohemian Awaiting requested review from carol-mohemian

Assignees

@xavierLowmiller xavierLowmiller

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xavierLowmiller @carol-mohemian