Update JWT interface and fix all the unit tests.

- Unit tests are all green.
- Fixed all the layout issues.

Author: pokowaka

src/base64/base64.cpp

@@ -21,19 +21,21 @@
 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #include "private/base64.h"
-#include <string>
 #include "jwt/allocators.h"
+#include <string>
 
 #define WHITESPACE 64
-#define EQUALS     65
-#define INVALID    66
+#define EQUALS 65
+#define INVALID 66
 
 inline char Base64Encode::EncodeChar(uint8_t in) {
-  const char table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
+  const char table[] =
+      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
   return table[in];
 }
 
-int Base64Encode::DecodeUrl(const char *decode, size_t num_decode, char *out, size_t *num_out) {
+int Base64Encode::DecodeUrl(const char *decode, size_t num_decode, char *out,
+                            size_t *num_out) {
   // No integer overflows please.
   if ((decode + num_decode) < decode || (out + *num_out) < out)
     return 1;
@@ -51,19 +53,19 @@ int Base64Encode::DecodeUrl(const char *decode, size_t num_decode, char *out, si
     char c = DecodeChar(ch);
 
     switch (c) {
-      case INVALID:
-        return 1;   // invalid input, return error
-      default:
-        buf = buf << 6 | c;
-        iter++;   // increment the number of iteration
-        // If the buffer is full, split it into bytes
-        if (iter == 4) {
-          *(out++) = (buf >> 16) & 0xff;
-          *(out++) = (buf >> 8) & 0xff;
-          *(out++) = buf & 0xff;
-          buf = 0;
-          iter = 0;
-        }
+    case INVALID:
+      return 1; // invalid input, return error
+    default:
+      buf = buf << 6 | c;
+      iter++; // increment the number of iteration
+      // If the buffer is full, split it into bytes
+      if (iter == 4) {
+        *(out++) = (buf >> 16) & 0xff;
+        *(out++) = (buf >> 8) & 0xff;
+        *(out++) = buf & 0xff;
+        buf = 0;
+        iter = 0;
+      }
     }
   }
 
@@ -76,12 +78,12 @@ int Base64Encode::DecodeUrl(const char *decode, size_t num_decode, char *out, si
     }
   }
 
-  *num_out = (out - out_start);  // modify to reflect the actual output size
+  *num_out = (out - out_start); // modify to reflect the actual output size
   return 0;
 }
 
-int Base64Encode::EncodeUrl(const char* encode, size_t num_encode,
-    char* result, size_t* num_result) {
+int Base64Encode::EncodeUrl(const char *encode, size_t num_encode, char *result,
+                            size_t *num_result) {
   // No integer overflows please.
   if ((encode + num_encode) < encode || (result + *num_result) < result)
     return 1;
@@ -94,25 +96,26 @@ int Base64Encode::EncodeUrl(const char* encode, size_t num_encode,
     return 0;
   }
 
-  const char* start = result;
-  size_t eLen = (num_encode / 3) * 3;                              // Length of even 24-bits.
+  const char *start = result;
+  size_t eLen = (num_encode / 3) * 3; // Length of even 24-bits.
 
   // Encode even 24-bits
   for (size_t s = 0; s < eLen; s += 3) {
-    // Copy next three bytes into lower 24 bits of int, paying attension to sign.
+    // Copy next three bytes into lower 24 bits of int, paying attension to
+    // sign.
     uint32_t i = (*encode++ & 0xff) << 16;
     i = i | (*encode++ & 0xff) << 8;
     i = i | (*encode++ & 0xff);
 
     // Encode the int into four chars
-    *result++ =  EncodeChar((i >> 18) & 0x3f);
-    *result++ =  EncodeChar((i >> 12) & 0x3f);
-    *result++ =  EncodeChar((i >> 6) & 0x3f);
-    *result++ =  EncodeChar(i & 0x3f);
+    *result++ = EncodeChar((i >> 18) & 0x3f);
+    *result++ = EncodeChar((i >> 12) & 0x3f);
+    *result++ = EncodeChar((i >> 6) & 0x3f);
+    *result++ = EncodeChar(i & 0x3f);
   }
 
   // Pad and encode last bits if source isn't an even 24 bits.
-  size_t left = num_encode - eLen;   // 0 - 2.
+  size_t left = num_encode - eLen; // 0 - 2.
   if (left > 0) {
     // Prepare the int
     uint32_t i = ((*encode++ & 0xff) << 10);
@@ -131,11 +134,11 @@ int Base64Encode::EncodeUrl(const char* encode, size_t num_encode,
 }
 
 std::string Base64Encode::EncodeUrl(const std::string &input) {
-  size_t num_encoded =  EncodeBytesNeeded(input.size());
+  size_t num_encoded = EncodeBytesNeeded(input.size());
   str_ptr encoded(new char[num_encoded]);
   // Impossible to get a buffer overlow
   EncodeUrl(input.c_str(), input.size(), encoded.get(), &num_encoded);
-  return std::string(encoded.get(), num_encoded-1);
+  return std::string(encoded.get(), num_encoded - 1);
 }
 
 std::string Base64Encode::DecodeUrl(const std::string &input) {

src/include/jwt/allocators.h

@@ -26,12 +26,10 @@
 #include <stdlib.h>
 
 class json_str_delete {
- public:
-  inline void operator() (char* ptr) const {
-    free(ptr);
-  }
+public:
+  inline void operator()(char *ptr) const { free(ptr); }
 };
 
 typedef std::unique_ptr<char, json_str_delete> json_str;
 typedef std::unique_ptr<char[]> str_ptr;
-#endif  // SRC_INCLUDE_JWT_ALLOCATORS_H_
+#endif // SRC_INCLUDE_JWT_ALLOCATORS_H_

src/include/jwt/jwt.h

@@ -23,13 +23,14 @@
 #ifndef SRC_INCLUDE_JWT_JWT_H_
 #define SRC_INCLUDE_JWT_JWT_H_
 
-#include "jwt/claimvalidator.h"
-#include "jwt/json.hpp"
-#include "jwt/messagevalidator.h"
-#include <memory>
 #include <stddef.h>
+#include <memory>
 #include <string>
 #include <utility>
+#include <tuple>
+#include "jwt/claimvalidator.h"
+#include "jwt/json.hpp"
+#include "jwt/messagevalidator.h"
 
 // Stack allocated signature.
 #define MAX_SIGNATURE_LENGTH 256
@@ -48,82 +49,63 @@
  * more details.
  */
 class JWT {
-  using json = nlohmann::json;
-
-public:
-  ~JWT();
-
-  /**
-   * Parses an encoded web token and validates it.
-   *
-   * @param jwsToken String containing a valid webtoken
-   * @param verifier Optional verifier used to validate the signature. If this
-   *                 parameter is null the signature will not be verified.
-   * @param validator Optional validator to validate the claims in this token.
-   * The payload will not be validated if this parameter is null
-   * @throw TokenFormatError in case the token cannot be parsed
-   * @throw InvalidSignatureError in case the token is not signed
-   * @throw InvalidClaimError in case the payload cannot be validated
-   */
-  static JWT *Decode(std::string jwsToken, MessageValidator *verifier = nullptr,
-                     ClaimValidator *validator = nullptr);
+    using json = nlohmann::json;
 
-  /**
-   * Decodes and validates a JSON Web Token.
-   *
-   * @param jws_token String containing a valid webtoken
-   * @param num_jws_token The number of bytes in the jws_token string
-   * @param verifier Optional verifier used to validate the JOSE header. No
-   *                 verification will be done if this parameter is null .
-   * @param validator Optional validator to validate the claims in this token.
-   * The payload will not be validated if this parameter is null
-   * @throw TokenFormatError in case the token cannot be parsed
-   * @throw InvalidSignatureError in case the token is not signed
-   * @throw InvalidClaimError in case the payload cannot be validated
-   */
-  static JWT *Decode(const char *jws_token, size_t num_jws_token,
-                     MessageValidator *verifier = nullptr,
-                     ClaimValidator *validator = nullptr);
+   public:
 
-  /**
-   * Encodes the given json payload and optional header with the given signer.
-   *
-   * @param signer The MessageSigner used to sign the resulting token.
-   * @param payload The payload for this token.
-   * @param header The optional header. Note the "jwt" and "alg" fields will be
-   * set
-   * @return a char[] with a signed token. To be cleared up with calling
-   * delete[]
-   */
-  static std::string Encode(MessageSigner *signer, json payload,
-                            json header = nullptr);
+    /**
+     * Parses an encoded web token and validates it.
+     *
+     * @param jwsToken String containing a valid webtoken
+     * @param verifier Optional verifier used to validate the signature. If this
+     *                 parameter is null the signature will not be verified.
+     * @param validator Optional validator to validate the claims in this token.
+     * The payload will not be validated if this parameter is null
+     * @throw TokenFormatError in case the token cannot be parsed
+     * @throw InvalidSignatureError in case the token is not signed
+     * @throw InvalidClaimError in case the payload cannot be validated
+     */
+    static std::tuple<json, json> Decode(std::string jwsToken,
+                                         MessageValidator *verifier = nullptr,
+                                         ClaimValidator *validator = nullptr);
 
-  /**
-   * The contents of the JOSE Header describe the cryptographic operations
-   * applied to the JWT Claims Set.  Callers do not own the reference returned
-   * and should not free it.
-   */
-  inline const json header() { return header_; }
+    /**
+     * Decodes and validates a JSON Web Token.
+     *
+     * @param jws_token String containing a valid webtoken
+     * @param num_jws_token The number of bytes in the jws_token string
+     * @param verifier Optional verifier used to validate the JOSE header. No
+     *                 verification will be done if this parameter is null .
+     * @param validator Optional validator to validate the claims in this token.
+     * The payload will not be validated if this parameter is null
+     * @return A tuple containing the json header and the payload.
+     * @throw TokenFormatError in case the token cannot be parsed
+     * @throw InvalidSignatureError in case the token is not signed
+     * @throw InvalidClaimError in case the payload cannot be validated
+     */
+    static std::tuple<json, json> Decode(const char *jws_token,
+                                         size_t num_jws_token,
+                                         MessageValidator *verifier = nullptr,
+                                         ClaimValidator *validator = nullptr);
 
-  /**
-   * A JSON object that contains the claims conveyed by the JWT.  Callers do not
-   * own the reference returned and should not free it.
-   */
-  inline const json payload() { return payload_; }
+    /**
+     * Encodes the given json payload and optional header with the given signer.
+     *
+     * @param signer The MessageSigner used to sign the resulting token.
+     * @param payload The payload for this token.
+     * @param header The optional header. Note the "jwt" and "alg" fields will
+     * be set
+     * @return a char[] with a signed token. To be cleared up with calling
+     * delete[]
+     */
+    static std::string Encode(MessageSigner *signer, json payload,
+                              json header = nullptr);
 
-private:
-  JWT(json header, json payload);
-
-  static json ExtractPayload(const char *payload, size_t num_payload);
-  static bool VerifySignature(json header_claims_, const char *header,
-                              size_t num_header_and_payload,
-                              const char *signature, size_t num_signature,
-                              MessageValidator *verifier);
-
-  json header_;
-  json payload_;
+   private:
+    static json ExtractPayload(const char *payload, size_t num_payload);
+    static bool VerifySignature(json header_claims_, const char *header,
+                                size_t num_header_and_payload,
+                                const char *signature, size_t num_signature,
+                                MessageValidator *verifier);
 };
-
-/** Auto pointer that will release the token when it goes out of scope */
-typedef std::unique_ptr<JWT> jwt_ptr;
-#endif // SRC_INCLUDE_JWT_JWT_H_
+#endif  // SRC_INCLUDE_JWT_JWT_H_

src/include/jwt/jwt_all.h

@@ -22,17 +22,17 @@
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #ifndef SRC_INCLUDE_JWT_JWT_ALL_H_
 #define SRC_INCLUDE_JWT_JWT_ALL_H_
-#include "jwt/jwt.h"
 #include "jwt/allocators.h"
+#include "jwt/jwt.h"
 
 // Validators
+#include "jwt/hmacvalidator.h"
 #include "jwt/messagevalidatorfactory.h"
 #include "jwt/nonevalidator.h"
 #include "jwt/rsavalidator.h"
-#include "jwt/hmacvalidator.h"
 
 // Claims
 #include "jwt/claimvalidatorfactory.h"
 #include "jwt/listclaimvalidator.h"
 #include "jwt/timevalidator.h"
-#endif  // SRC_INCLUDE_JWT_JWT_ALL_H_
+#endif // SRC_INCLUDE_JWT_JWT_ALL_H_

src/include/jwt/jwt_error.h

@@ -30,9 +30,9 @@
 /**
  * Indicates that we failed to validate and parse the token.
  */
-class InvalidTokenError :public std::runtime_error {
- public:
-  explicit InvalidTokenError(std::string msg) : std::runtime_error(msg) { }
+class InvalidTokenError : public std::runtime_error {
+public:
+  explicit InvalidTokenError(std::string msg) : std::runtime_error(msg) {}
 };
 
 /**
@@ -41,16 +41,16 @@ class InvalidTokenError :public std::runtime_error {
  * from this set of bytes.
  */
 class TokenFormatError : public InvalidTokenError {
- public:
-  explicit TokenFormatError(std::string msg) : InvalidTokenError(msg) { }
+public:
+  explicit TokenFormatError(std::string msg) : InvalidTokenError(msg) {}
 };
 
 /**
  * The token is not properly signed.
  */
 class InvalidSignatureError : public InvalidTokenError {
- public:
-  explicit InvalidSignatureError(std::string msg) : InvalidTokenError(msg) { }
+public:
+  explicit InvalidSignatureError(std::string msg) : InvalidTokenError(msg) {}
 };
 
-#endif  // SRC_INCLUDE_JWT_JWT_ERROR_H_
+#endif // SRC_INCLUDE_JWT_JWT_ERROR_H_