Upgrade basexx, remove url64 hacks

Author: DorianGray

jwt-0.3-2.rockspec renamed to jwt-0.4-0.rockspec

@@ -1,8 +1,8 @@
 package = "jwt"
-version = "0.3-2"
+version = "0.4-0"
 source = {
-  url = "https://github.com/Olivine-Labs/lua-jwt/archive/v0.3.tar.gz",
-  dir = "lua-jwt-0.3"
+  url = "https://github.com/Olivine-Labs/lua-jwt/archive/v0.4.tar.gz",
+  dir = "lua-jwt-0.4"
 }
 description = {
   summary = "A library for encoding and decoding json web tokens.",
@@ -15,7 +15,7 @@ dependencies = {
   "lua >= 5.1",
   "busted >= 1.7-1",
   "luacrypto >= 0.3.2-1",
-  "basexx >= 0.1.0-1"
+  "basexx >= 0.2.0-0"
 }
 build = {
   type = "builtin",

src/jwt.lua

@@ -52,8 +52,7 @@ function data.decode(str, options)
   if not str then return nil, "Parameter 1 cannot be nil" end
   local dotFirst = str:find("%.")
   if not dotFirst then return nil, "Invalid token" end
-  str = str:gsub('-','+'):gsub('_','/')
-  local header = json.decode((basexx.from_base64(str:sub(1,dotFirst-1))))
+  local header = json.decode((basexx.from_url64(str:sub(1,dotFirst-1))))
 
   return getJwt(header):decode(header, str, options)
 end

src/jwt/jws.lua

@@ -21,17 +21,13 @@ data.verify = {
   end,
 }
 
-local function urlSafe(base64)
-  return base64:gsub('+','-'):gsub('/','_'):gsub('=','')
-end
-
 function data:encode(header, claims, options)
   if not options then error("options are required") end
   if not options.keys then error("keys are required") end
-  local envelope  = urlSafe(basexx.to_base64(json.encode(header)).."."..basexx.to_base64(json.encode(claims)))
+  local envelope  = basexx.to_url64(json.encode(header)).."."..basexx.to_url64(json.encode(claims))
   local signature, err = self.sign[header.alg](envelope, options.keys.private)
   if not signature then error('failed to generate signature') end
-  return envelope ..'.'..urlSafe(basexx.to_base64(signature))
+  return envelope ..'.'..basexx.to_url64(signature)
 end
 
 function data:decode(header, str, options)
@@ -44,7 +40,7 @@ function data:decode(header, str, options)
   if dotSecond then
     bodyStr       = str:sub(1, dotSecond-1)
     if options and options.keys and options.keys.public then
-      signature     = basexx.from_base64(str:sub(dotSecond+1))
+      signature     = basexx.from_url64(str:sub(dotSecond+1))
     end
   else
     if options and options.keys and options.keys.public then
@@ -53,9 +49,9 @@ function data:decode(header, str, options)
     bodyStr = str
   end
 
-  local message = basexx.from_base64(bodyStr)
+  local message = basexx.from_url64(bodyStr)
   if signature then
-    if not self.verify[header.alg](urlSafe(rawHeader).."."..urlSafe(bodyStr), signature, options.keys.public) then
+    if not self.verify[header.alg](rawHeader.."."..bodyStr, signature, options.keys.public) then
       return nil, "Invalid token"
     end
   end

src/jwt/plain.lua

@@ -4,7 +4,7 @@ local json    = require 'cjson'
 local data    = {}
 
 function data:encode(header, claims)
-  return basexx.to_base64(json.encode(claims))
+  return basexx.to_url64(json.encode(claims))
 end
 
 function data:decode(header, str, options)
@@ -13,7 +13,7 @@ function data:decode(header, str, options)
   str = str:sub(dotFirst+1)
   local dotSecond = str:find("%.")
   if dotSecond then return nil, 'Invalid Token, alg=none but has signature' end
-  return json.decode(basexx.from_base64(str))
+  return json.decode(basexx.from_url64(str))
 end
 
 return data