Skip to content

Commit

Permalink
Merge branch 'main' into jwk
Browse files Browse the repository at this point in the history
  • Loading branch information
ptoffy authored Dec 18, 2024
2 parents 26d83e3 + 9606fe6 commit 12e927d
Show file tree
Hide file tree
Showing 21 changed files with 934 additions and 271 deletions.
50 changes: 50 additions & 0 deletions .github/workflows/benchmark.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
name: Benchmark PR vs main
on:
workflow_dispatch:
pull_request_review:
types: [submitted]
pull_request:
branches: [ main ]
types: [synchronize]
paths:
- 'Sources/*.swift'
- .github/workflows/benchmark.yml

jobs:
benchmark-delta-linux:
if: github.event.review.state == 'approved'
runs-on:
- runs-on=${{ github.run_id }}
- runner=2cpu-linux-arm64
container: swift:jammy
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: jemalloc dependency
run: apt-get update && apt-get install -y libjemalloc-dev
- name: Fix Git config
run: |
git config --global --add safe.directory "${GITHUB_WORKSPACE}"
- name: Run benchmarks for PR branch
continue-on-error: true
run: |
swift package -c release --package-path Benchmarks --disable-sandbox benchmark baseline update pull_request --no-progress --quiet
- name: Run benchmarks for 'main' branch
run: |
git stash
git checkout main
swift package -c release --package-path Benchmarks --disable-sandbox benchmark baseline update main --no-progress --quiet
- name: Compare benchmarks
continue-on-error: true
run: |
date >> "${GITHUB_STEP_SUMMARY}"
swift package -c release --package-path Benchmarks benchmark baseline check main pull_request --format markdown >> "${GITHUB_STEP_SUMMARY}"
- name: Get formatted date
id: get-date
run: echo "date=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_OUTPUT
- uses: thollander/actions-comment-pull-request@v3
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
message: ${{ format('[PR benchmark comparison with main on ubuntu-latest run at {0}]({1}/{2}/actions/runs/{3})', steps.get-date.outputs.date, github.server_url, github.repository, github.run_id) }}
comment_tag: 'PR benchmark comparison Linux'
30 changes: 6 additions & 24 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,7 @@ on:
pull_request: { types: [opened, reopened, synchronize, ready_for_review] }
push: { branches: [ main ] }

jobs:
lint:
runs-on: ubuntu-latest
container: swift:jammy
steps:
- name: Check out JWTKit
uses: actions/checkout@v4
- name: Run format lint check
run: swift format lint --strict --recursive --parallel .

jobs:
linux-integration:
if: ${{ !(github.event.pull_request.draft || false) }}
runs-on: ubuntu-latest
Expand All @@ -40,17 +31,8 @@ jobs:
with:
with_api_check: ${{ github.event_name == 'pull_request' }}
warnings_as_errors: true
secrets: inherit

ios-tests:
if: ${{ !(github.event.pull_request.draft || false) }}
runs-on: macos-latest
steps:
- name: Select appropriate Xcode version
uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 16.0
- name: Check out JWTKit
uses: actions/checkout@v4
- name: Run iOS Tests
run: xcodebuild -scheme jwt-kit -destination generic/platform=iOS
with_linting: true
with_windows: true
with_musl: true
ios_scheme_name: jwt-kit
secrets: inherit
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,4 @@ DerivedData
Tests/LinuxMain.swift
.benchmarkBaselines/
Benchmarks/.benchmarkBaselines/
x5c_test_certs
70 changes: 0 additions & 70 deletions .swift-format

This file was deleted.

86 changes: 86 additions & 0 deletions Benchmarks/Benchmarks/Signing/Signing.swift
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
import Benchmark
import Foundation
import JWTKit

let benchmarks = {
Benchmark("ES256") { benchmark in
let key = ES256PrivateKey()
let keyCollection = JWTKeyCollection()
keyCollection.add(ecdsa: key)
for _ in benchmark.scaledIterations {
_ = try await keyCollection.sign(payload)
}
}

Benchmark("RSA") { benchmark in
let key = try Insecure.RSA.PrivateKey(pem: rsaPrivateKey)
let keyCollection = JWTKeyCollection()
keyCollection.add(rsa: key, digestAlgorithm: .sha256)
for _ in benchmark.scaledIterations {
_ = try await keyCollection.sign(payload)
}
}

Benchmark("EdDSA") { benchmark in
let key = try EdDSA.PrivateKey()
let keyCollection = JWTKeyCollection()
keyCollection.add(eddsa: key)
for _ in benchmark.scaledIterations {
_ = try await keyCollection.sign(payload)
}
}
}

struct Payload: JWTPayload {
let name: String
let admin: Bool

func verify(using signer: some JWTAlgorithm) async throws {
// nothing to verify
}
}

let payload = Payload(name: "Kyle", admin: true)

let ecdsaPrivateKey = """
-----BEGIN PRIVATE KEY-----
MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg2sD+kukkA8GZUpmm
jRa4fJ9Xa/JnIG4Hpi7tNO66+OGgCgYIKoZIzj0DAQehRANCAATZp0yt0btpR9kf
ntp4oUUzTV0+eTELXxJxFvhnqmgwGAm1iVW132XLrdRG/ntlbQ1yzUuJkHtYBNve
y+77Vzsd
-----END PRIVATE KEY-----
"""

let rsaPrivateKey = """
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDL8W1D9w5zHpmD
JqpTngIRJ+Sm21e42cRnTudhdejzKUiJQWkHSvQV5yC/+0iEXUsUJYEdSyrKhJFD
PT+IFGdjIiwb7IX+rUreWXlD/YYBL3/byMG4kYoO4oiPp2A+WvfeyLpuN549OXhk
7o5kXEZjKfjHTfmnAbCMoYW5BEpiHQC3HAeJZ5EiwAn8HZn5UY6lxJcf7H9hR83x
D0W7IZTNyxUu4aLNuihFIxJKgP/L/y95Y6ddZsyyHQopM43/7JOYBwufa07MWaxi
AdBdq1bR/ZeOt2aZaXhV+J6QUoUO8Z6fG6b2cQmvMgk4ybqoeciLII0DfFsyqavu
ip4hRr59AgMBAAECggEAUIw994XwMw922hG/W98gOd5jtHMVJnD73UGQqTGEm+VG
PM+Ux8iWtr/ec3Svo3elW4OkhwlVET9ikAf0u64zVzf769ty4K9YzpDQEEZlUrqL
6SZVPKxetppKDVKx9G7BT0BAQZ+947h7EIIXwxOeyTOeijkFzSwhqqlwwy4qoqzV
FTQS20QHE62hxzwuS5HBqw8ds183qAg9NbzR0Cp4za9qTiBB6C8KEcLqeatO+q+d
VCDsJcAMZOvW14N6BozKgbQ/WXZQ/3kNUPBndZLzzqaILFNmB1Zf2DVVJ9gU7+EK
xOac60StIfG81NllCTBrmRVq8yitNqwmutHMlxrIkQKBgQDvp39MkEHtNunFGkI5
R8IB5BZjtx5OdRBKkmPasmNU8U0XoQAJUKY/9piIpCtRi87tMXv8WWmlbULi66pu
4BnMIisw78xlIWRZTSizFrkFcEoVgEnbZBtSrOg/J5PAcjLEGCQoAdmMXAekR2/m
htv7FPijHPNUjyIFLaxwjl9izwKBgQDZ2mQeKNRHjIb5ZBzB0ZCvUy2y4+kaLrhZ
+CWMN1flL4dd1KuZKvCEfHY9kWOjqw6XneN4yT0aPmbBft4fihiiNW0Sm8i+fSpy
g0klw2HJl49wnwctBpRgTdMKGo9n14OGeu0xKOAy7I4j1tKrUXiRWnP9R583Ti7c
w7YHgdHM8wKBgEV147SaPzF08A6bzMPzY2zO4hpmsdcFoQIsKdryR04QXkrR9EO+
52C0pYM9Kf0Jq6Ed7ZS3iaJT58YDjjNyqqd648/cQP6yzfYAIiK+HERSRnay5zU6
b5zn1qyvWOi3cLVbVedumdJPvjtEJU/ImKvOaT5FntVMYwzjLw60hTsLAoGAZJnt
UeAY51GFovUQMpDL96q5l7qXknewuhtVe4KzHCrun+3tsDWcDBJNp/DTymjbvDg1
KzoC9XOLkB8+A+KJrZ5uWAGImi7Cw07NIJsxNR7AJonJjolTS4Wkxy2su49SNW/e
yKzPm7SRjwtNDb/5pWXX2kaQx8Fa8qeOD7lrYPECgYAwQ6o0vYmr+L1tOZZgMVv9
Jusa8beVUH5hyduJjmxbYOtFTkggAozdx7rs4BgyRsmDlV48cEmcVf/7IH4gMJLb
O+bbERwCYUChe+piANhnwfwDHzbRd8mmQus54P06X7bWu6Rmi7gbQGVN/Z6VhbIm
D2cOo0w4bk/3yb01xz1MEw==
-----END PRIVATE KEY-----
"""

let eddsaPublicKeyBase64Url = "0ZcEvMCSYqSwR8XIkxOoaYjRQSAO8frTMSCpNbUl4lE"
let eddsaPrivateKeyBase64Url = "d1H3_dcg0V3XyAuZW2TE5Z3rhY20M-4YAfYu_HUQd8w"
109 changes: 109 additions & 0 deletions Benchmarks/Benchmarks/TokenLifecycle/TokenLifecycle.swift
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
import Benchmark
import Foundation
import JWTKit

let benchmarks = {
Benchmark("ES256 Generated") { benchmark in
for _ in benchmark.scaledIterations {
let key = ES256PrivateKey()
let keyCollection = JWTKeyCollection()
keyCollection.add(ecdsa: key)
let token = try await keyCollection.sign(payload)
_ = try await keyCollection.verify(token, as: Payload.self)
}
}

Benchmark("ES256 PEM") { benchmark in
for _ in benchmark.scaledIterations {
let key = try ES256PrivateKey(pem: ecdsaPrivateKey)
let keyCollection = JWTKeyCollection()
keyCollection.add(ecdsa: key)
let token = try await keyCollection.sign(payload)
_ = try await keyCollection.verify(token, as: Payload.self)
}
}

Benchmark("RSA PEM") { benchmark in
for _ in benchmark.scaledIterations {
let key = try Insecure.RSA.PrivateKey(pem: rsaPrivateKey)
let keyCollection = JWTKeyCollection()
keyCollection.add(rsa: key, digestAlgorithm: .sha256)
let token = try await keyCollection.sign(payload)
_ = try await keyCollection.verify(token, as: Payload.self)
}
}

Benchmark("EdDSA Generated") { benchmark in
for _ in benchmark.scaledIterations {
let key = try EdDSA.PrivateKey()
let keyCollection = JWTKeyCollection()
keyCollection.add(eddsa: key)
let token = try await keyCollection.sign(payload)
_ = try await keyCollection.verify(token, as: Payload.self)
}
}

Benchmark("EdDSA Coordinates") { benchmark in
for _ in benchmark.scaledIterations {
let key = try EdDSA.PrivateKey(d: eddsaPrivateKeyBase64Url, curve: .ed25519)
let keyCollection = JWTKeyCollection()
keyCollection.add(eddsa: key)
let token = try await keyCollection.sign(payload)
_ = try await keyCollection.verify(token, as: Payload.self)
}
}
}

struct Payload: JWTPayload {
let name: String
let admin: Bool

func verify(using signer: some JWTAlgorithm) async throws {
// nothing to verify
}
}

let payload = Payload(name: "Kyle", admin: true)

let ecdsaPrivateKey = """
-----BEGIN PRIVATE KEY-----
MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg2sD+kukkA8GZUpmm
jRa4fJ9Xa/JnIG4Hpi7tNO66+OGgCgYIKoZIzj0DAQehRANCAATZp0yt0btpR9kf
ntp4oUUzTV0+eTELXxJxFvhnqmgwGAm1iVW132XLrdRG/ntlbQ1yzUuJkHtYBNve
y+77Vzsd
-----END PRIVATE KEY-----
"""

let rsaPrivateKey = """
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDL8W1D9w5zHpmD
JqpTngIRJ+Sm21e42cRnTudhdejzKUiJQWkHSvQV5yC/+0iEXUsUJYEdSyrKhJFD
PT+IFGdjIiwb7IX+rUreWXlD/YYBL3/byMG4kYoO4oiPp2A+WvfeyLpuN549OXhk
7o5kXEZjKfjHTfmnAbCMoYW5BEpiHQC3HAeJZ5EiwAn8HZn5UY6lxJcf7H9hR83x
D0W7IZTNyxUu4aLNuihFIxJKgP/L/y95Y6ddZsyyHQopM43/7JOYBwufa07MWaxi
AdBdq1bR/ZeOt2aZaXhV+J6QUoUO8Z6fG6b2cQmvMgk4ybqoeciLII0DfFsyqavu
ip4hRr59AgMBAAECggEAUIw994XwMw922hG/W98gOd5jtHMVJnD73UGQqTGEm+VG
PM+Ux8iWtr/ec3Svo3elW4OkhwlVET9ikAf0u64zVzf769ty4K9YzpDQEEZlUrqL
6SZVPKxetppKDVKx9G7BT0BAQZ+947h7EIIXwxOeyTOeijkFzSwhqqlwwy4qoqzV
FTQS20QHE62hxzwuS5HBqw8ds183qAg9NbzR0Cp4za9qTiBB6C8KEcLqeatO+q+d
VCDsJcAMZOvW14N6BozKgbQ/WXZQ/3kNUPBndZLzzqaILFNmB1Zf2DVVJ9gU7+EK
xOac60StIfG81NllCTBrmRVq8yitNqwmutHMlxrIkQKBgQDvp39MkEHtNunFGkI5
R8IB5BZjtx5OdRBKkmPasmNU8U0XoQAJUKY/9piIpCtRi87tMXv8WWmlbULi66pu
4BnMIisw78xlIWRZTSizFrkFcEoVgEnbZBtSrOg/J5PAcjLEGCQoAdmMXAekR2/m
htv7FPijHPNUjyIFLaxwjl9izwKBgQDZ2mQeKNRHjIb5ZBzB0ZCvUy2y4+kaLrhZ
+CWMN1flL4dd1KuZKvCEfHY9kWOjqw6XneN4yT0aPmbBft4fihiiNW0Sm8i+fSpy
g0klw2HJl49wnwctBpRgTdMKGo9n14OGeu0xKOAy7I4j1tKrUXiRWnP9R583Ti7c
w7YHgdHM8wKBgEV147SaPzF08A6bzMPzY2zO4hpmsdcFoQIsKdryR04QXkrR9EO+
52C0pYM9Kf0Jq6Ed7ZS3iaJT58YDjjNyqqd648/cQP6yzfYAIiK+HERSRnay5zU6
b5zn1qyvWOi3cLVbVedumdJPvjtEJU/ImKvOaT5FntVMYwzjLw60hTsLAoGAZJnt
UeAY51GFovUQMpDL96q5l7qXknewuhtVe4KzHCrun+3tsDWcDBJNp/DTymjbvDg1
KzoC9XOLkB8+A+KJrZ5uWAGImi7Cw07NIJsxNR7AJonJjolTS4Wkxy2su49SNW/e
yKzPm7SRjwtNDb/5pWXX2kaQx8Fa8qeOD7lrYPECgYAwQ6o0vYmr+L1tOZZgMVv9
Jusa8beVUH5hyduJjmxbYOtFTkggAozdx7rs4BgyRsmDlV48cEmcVf/7IH4gMJLb
O+bbERwCYUChe+piANhnwfwDHzbRd8mmQus54P06X7bWu6Rmi7gbQGVN/Z6VhbIm
D2cOo0w4bk/3yb01xz1MEw==
-----END PRIVATE KEY-----
"""

let eddsaPublicKeyBase64Url = "0ZcEvMCSYqSwR8XIkxOoaYjRQSAO8frTMSCpNbUl4lE"
let eddsaPrivateKeyBase64Url = "d1H3_dcg0V3XyAuZW2TE5Z3rhY20M-4YAfYu_HUQd8w"
Loading

0 comments on commit 12e927d

Please sign in to comment.