diff --git a/Package.swift b/Package.swift index 622c3bd..7b4180a 100644 --- a/Package.swift +++ b/Package.swift @@ -7,6 +7,6 @@ let package = Package( .Package(url: "https://github.com/vapor/clibressl.git", majorVersion: 1), .Package(url: "https://github.com/matthijs2704/SwiftString.git", majorVersion: 1, minor: 0), .Package(url: "https://github.com/boostcode/CCurl.git", majorVersion: 0, minor: 2), - .Package(url: "https://github.com/siemensikkema/vapor-jwt.git", majorVersion: 0, minor: 2) + .Package(url: "https://github.com/siemensikkema/vapor-jwt.git", majorVersion: 0, minor: 4) ] ) diff --git a/Sources/VaporAPNS/VaporAPNS.swift b/Sources/VaporAPNS/VaporAPNS.swift index 83b87e7..44c3278 100644 --- a/Sources/VaporAPNS/VaporAPNS.swift +++ b/Sources/VaporAPNS/VaporAPNS.swift @@ -59,27 +59,21 @@ open class VaporAPNS { let headers = self.requestHeaders(for: message) var curlHeaders: UnsafeMutablePointer? if !options.usesCertificateAuthentication { - let currentTime = Int(Date().timeIntervalSince1970.rounded()) - let jsonPayload = try! JSON(node: [ - "iss": options.teamId, - "iat": currentTime - ]) -// print (jsonPayload) - let decodedKey = options.privateKey! - let jwt = try! JWT(payload: jsonPayload, - header: try! JSON(node: ["alg":"ES256","kid":options.keyId!,"typ":"JWT"]), - algorithm: .es(._256(decodedKey)), - encoding: .base64URL) + let jwt = try! JWT(additionalHeaders: [KeyID(options.keyId!)], + payload: Node([IssuerClaim(options.teamId!), + IssuedAtClaim()]), + encoding: Base64URLEncoding(), + signer: ES256(key: decodedKey)) - let tokenString = try! jwt.token() + let tokenString = try! jwt.createToken() let publicKey = options.publicKey! do { - let jwt2 = try JWT(token: tokenString, encoding: .base64URL) - let verified = try jwt2.verifySignature(key: publicKey) + let jwt2 = try JWT(token: tokenString, encoding: Base64URLEncoding()) + let verified = try jwt2.verifySignatureWith(ES256(key: publicKey)) if !verified { return .error(apnsId: message.messageId, error: .invalidSignature) } @@ -200,3 +194,11 @@ extension VaporAPNS { } } } + +struct KeyID: Header { + static let name = "kid" + var node: Node + init(_ keyID: String) { + node = Node(keyID) + } +} diff --git a/Tests/VaporAPNSTests/VaporAPNSTests.swift b/Tests/VaporAPNSTests/VaporAPNSTests.swift index e7c0bf9..f778673 100644 --- a/Tests/VaporAPNSTests/VaporAPNSTests.swift +++ b/Tests/VaporAPNSTests/VaporAPNSTests.swift @@ -48,28 +48,21 @@ class VaporAPNSTests: XCTestCase { // TODO: Set this up so others can test this } func testEncoding() throws { - let currentTime = Int(Date().timeIntervalSince1970.rounded()) - let jsonPayload = try JSON(node: [ - "iss": "D86BEC0E8B", - "iat": currentTime - ]) - - let jwt = try! JWT(payload: jsonPayload, - header: try! JSON(node: ["alg":"ES256","kid":"E811E6AE22","typ":"JWT"]), - algorithm: .es(._256("ALEILVyGWnbBaSaIFDsh0yoZaK+Ej0po/55jG2FR6u6C")), - encoding: .base64URL) - - let tokenString = try! jwt.token() - + let jwt = try! JWT( + additionalHeaders: [KeyID("E811E6AE22")], + payload: Node([IssuerClaim("D86BEC0E8B"), IssuedAtClaim()]), + signer: ES256(key: "ALEILVyGWnbBaSaIFDsh0yoZaK+Ej0po/55jG2FR6u6C")) + + let tokenString = try! jwt.createToken() + do { - let jwt2 = try JWT(token: tokenString, encoding: .base64URL) - let verified = try jwt2.verifySignature(key: "BKqKwB6hpXp9SzWGt3YxnHgCEkcbS+JSrhoqkeqru/Nf62MeE958RIiKYsLFA/czdE7ThCt46azneU0IBnMCuQU=") + let jwt2 = try JWT(token: tokenString) + let verified = try jwt2.verifySignatureWith(ES256(key: "BKqKwB6hpXp9SzWGt3YxnHgCEkcbS+JSrhoqkeqru/Nf62MeE958RIiKYsLFA/czdE7ThCt46azneU0IBnMCuQU=")) XCTAssertTrue(verified) } catch { - // fatalError("\(error)") - XCTFail ("Couldn't verify token") + print(error) + XCTFail("Couldn't verify token") } - } static var allTests : [(String, (VaporAPNSTests) -> () throws -> Void)] {