improve JWT#sign signature auto-detection feature

so that it can handle EC keys NOTE: might be better to handle EC curves
nov · Feb 23, 2018 · 4708f7d · 4708f7d
1 parent 67c6fbb
commit 4708f7d
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/lib/json/jwt.rb b/lib/json/jwt.rb
@@ -31,7 +31,16 @@ def sign(private_key_or_secret, algorithm = :autodetect)
         #  I'd like to make :RS256 default.
         #  However, by histrical reasons, :HS256 was default.
         #  This code is needed to keep legacy behavior.
-        algorithm = private_key_or_secret.is_a?(String) ? :HS256 : :RS256
+        algorithm = case private_key_or_secret
+        when String
+          :HS256
+        when OpenSSL::PKey::RSA
+          :RS256
+        when OpenSSL::PKey::EC
+          :ES256
+        else
+          raise UnexpectedAlgorithm.new('Signature algorithm auto-detection failed')
+        end
       end
       jws = JWS.new self
       jws.kid ||= private_key_or_secret[:kid] if private_key_or_secret.is_a? JSON::JWK