This is an automated email from the ASF dual-hosted git repository. vatamane pushed a commit to branch jwtf-es256-fail-erlang-20 in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit ba6d78d4a675988f96a27981f889e9108eefc1d6 Author: Nick Vatamaniuc <[email protected]> AuthorDate: Tue May 24 16:06:34 2022 -0400 Exclude jwtf EC algorithms on Erlang 20 --- src/jwtf/src/jwtf.erl | 17 +++++++++++++++++ src/jwtf/test/jwtf_tests.erl | 4 ++++ 2 files changed, 21 insertions(+) diff --git a/src/jwtf/src/jwtf.erl b/src/jwtf/src/jwtf.erl index f0a5bd6ca..e45a1ade1 100644 --- a/src/jwtf/src/jwtf.erl +++ b/src/jwtf/src/jwtf.erl @@ -29,6 +29,9 @@ -include_lib("public_key/include/public_key.hrl"). + +-ifdef(OTP_RELEASE). + -define(ALGS, [ % RSA PKCS#1 signature with SHA-256 {<<"RS256">>, {public_key, sha256}}, @@ -42,6 +45,20 @@ {<<"HS512">>, {hmac, sha512}} ]). +-else. + +-define(ALGS, [ + % RSA PKCS#1 signature with SHA-256 + {<<"RS256">>, {public_key, sha256}}, + {<<"RS384">>, {public_key, sha384}}, + {<<"RS512">>, {public_key, sha512}}, + {<<"HS256">>, {hmac, sha256}}, + {<<"HS384">>, {hmac, sha384}}, + {<<"HS512">>, {hmac, sha512}} +]). + +-endif. + -define(CHECKS, [ alg, exp, diff --git a/src/jwtf/test/jwtf_tests.erl b/src/jwtf/test/jwtf_tests.erl index b0b9f1fab..57fb9ac8d 100644 --- a/src/jwtf/test/jwtf_tests.erl +++ b/src/jwtf/test/jwtf_tests.erl @@ -285,6 +285,8 @@ rs256_test() -> ?assertMatch({ok, ExpectedPayload}, jwtf:decode(EncodedToken, Checks, KS)). + +-ifdef(OTP_RELEASE). %% jwt.io generated es256_test() -> EncodedToken = << @@ -306,6 +308,8 @@ es256_test() -> ?assertMatch({ok, ExpectedPayload}, jwtf:decode(EncodedToken, Checks, KS)). +-endif. + encode_missing_alg_test() -> ?assertEqual( {error, {bad_request, <<"Missing alg header parameter">>}},
