mirror of https://github.com/jwtk/jjwt.git
commit
2a4082fe9a
|
@ -20,3 +20,7 @@ target/
|
||||||
.classpath
|
.classpath
|
||||||
.project
|
.project
|
||||||
.settings
|
.settings
|
||||||
|
|
||||||
|
.clover
|
||||||
|
|
||||||
|
.java-version
|
||||||
|
|
|
@ -6,6 +6,7 @@ language: java
|
||||||
jdk:
|
jdk:
|
||||||
- openjdk7
|
- openjdk7
|
||||||
- oraclejdk8
|
- oraclejdk8
|
||||||
|
- oraclejdk9
|
||||||
|
|
||||||
before_install:
|
before_install:
|
||||||
- export BUILD_COVERAGE="$([ $TRAVIS_JDK_VERSION == 'oraclejdk8' ] && echo 'true')"
|
- export BUILD_COVERAGE="$([ $TRAVIS_JDK_VERSION == 'oraclejdk8' ] && echo 'true')"
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
## Release Notes
|
## Release Notes
|
||||||
|
|
||||||
|
### 0.9.0
|
||||||
|
|
||||||
|
This is a minor release that includes changes to dependencies and plugins to allow for building jjwt with Java 9.
|
||||||
|
Javadocs in a few classes were updated as well to support proper linting in both Java 8 and Java 9.
|
||||||
|
|
||||||
### 0.8.0
|
### 0.8.0
|
||||||
|
|
||||||
This is a minor feature enhancement, dependency version update and build update release. We switched from Jacoco to
|
This is a minor feature enhancement, dependency version update and build update release. We switched from Jacoco to
|
||||||
|
|
69
pom.xml
69
pom.xml
|
@ -25,7 +25,7 @@
|
||||||
|
|
||||||
<groupId>io.jsonwebtoken</groupId>
|
<groupId>io.jsonwebtoken</groupId>
|
||||||
<artifactId>jjwt</artifactId>
|
<artifactId>jjwt</artifactId>
|
||||||
<version>0.9.0-SNAPSHOT</version>
|
<version>0.10.0-SNAPSHOT</version>
|
||||||
<name>JSON Web Token support for the JVM</name>
|
<name>JSON Web Token support for the JVM</name>
|
||||||
<packaging>jar</packaging>
|
<packaging>jar</packaging>
|
||||||
|
|
||||||
|
@ -80,7 +80,7 @@
|
||||||
<maven.jar.version>3.0.2</maven.jar.version>
|
<maven.jar.version>3.0.2</maven.jar.version>
|
||||||
<maven.compiler.version>3.6.1</maven.compiler.version>
|
<maven.compiler.version>3.6.1</maven.compiler.version>
|
||||||
|
|
||||||
<jdk.version>1.6</jdk.version>
|
<jdk.version>1.7</jdk.version>
|
||||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
|
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
|
||||||
|
|
||||||
|
@ -92,10 +92,11 @@
|
||||||
<!-- Test Dependencies: Only required for testing when building. Not required by users at runtime: -->
|
<!-- Test Dependencies: Only required for testing when building. Not required by users at runtime: -->
|
||||||
<groovy.version>2.4.11</groovy.version>
|
<groovy.version>2.4.11</groovy.version>
|
||||||
<logback.version>1.2.3</logback.version>
|
<logback.version>1.2.3</logback.version>
|
||||||
<easymock.version>3.4</easymock.version>
|
<easymock.version>3.5</easymock.version>
|
||||||
<junit.version>4.12</junit.version>
|
<junit.version>4.12</junit.version>
|
||||||
<powermock.version>1.6.6</powermock.version>
|
<powermock.version>2.0.0-beta.5</powermock.version> <!-- necessary for Java 9 support -->
|
||||||
<failsafe.plugin.version>2.19.1</failsafe.plugin.version>
|
<failsafe.plugin.version>2.20.1</failsafe.plugin.version>
|
||||||
|
<surefire.plugin.version>2.20.1</surefire.plugin.version>
|
||||||
<clover.version>4.2.0</clover.version>
|
<clover.version>4.2.0</clover.version>
|
||||||
|
|
||||||
</properties>
|
</properties>
|
||||||
|
@ -267,10 +268,16 @@
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
<!-- Override OSS parent to support Java 9. Doesn't hurt Java 8 -->
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
|
<version>${surefire.plugin.version}</version>
|
||||||
|
</plugin>
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-failsafe-plugin</artifactId>
|
<artifactId>maven-failsafe-plugin</artifactId>
|
||||||
<version>2.20</version>
|
<version>${failsafe.plugin.version}</version>
|
||||||
<configuration>
|
<configuration>
|
||||||
<includes>
|
<includes>
|
||||||
<include>**/*IT.java</include>
|
<include>**/*IT.java</include>
|
||||||
|
@ -302,10 +309,10 @@
|
||||||
<!-- leaving out lang as it mostly comes from other sources -->
|
<!-- leaving out lang as it mostly comes from other sources -->
|
||||||
<exclude>io/jsonwebtoken/lang/*</exclude>
|
<exclude>io/jsonwebtoken/lang/*</exclude>
|
||||||
</excludes>
|
</excludes>
|
||||||
<methodPercentage>100%</methodPercentage>
|
<methodPercentage>95%</methodPercentage>
|
||||||
<statementPercentage>100%</statementPercentage>
|
<statementPercentage>92.5%</statementPercentage>
|
||||||
<conditionalPercentage>100%</conditionalPercentage>
|
<conditionalPercentage>94.4%</conditionalPercentage>
|
||||||
<targetPercentage>100%</targetPercentage>
|
<targetPercentage>93.3</targetPercentage>
|
||||||
</configuration>
|
</configuration>
|
||||||
<executions>
|
<executions>
|
||||||
<execution>
|
<execution>
|
||||||
|
@ -363,6 +370,7 @@
|
||||||
</instructions>
|
</instructions>
|
||||||
</configuration>
|
</configuration>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
|
||||||
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.jwtk.coveralls</groupId>
|
<groupId>org.jwtk.coveralls</groupId>
|
||||||
|
@ -370,19 +378,32 @@
|
||||||
<version>4.4.0</version>
|
<version>4.4.0</version>
|
||||||
</plugin>
|
</plugin>
|
||||||
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
||||||
|
|
||||||
|
<!-- Override OSS parent to support Java 9 -->
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-javadoc-plugin</artifactId>
|
||||||
|
<version>2.10.4</version>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>attach-javadocs</id>
|
||||||
|
<goals>
|
||||||
|
<goal>jar</goal>
|
||||||
|
</goals>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
<dependencies>
|
||||||
|
<!-- Workaround for Java 9 -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>commons-lang</groupId>
|
||||||
|
<artifactId>commons-lang</artifactId>
|
||||||
|
<version>2.6</version>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
<profiles>
|
<profiles>
|
||||||
<profile>
|
|
||||||
<id>jdk8</id>
|
|
||||||
<activation>
|
|
||||||
<jdk>1.8</jdk>
|
|
||||||
</activation>
|
|
||||||
<properties>
|
|
||||||
<!-- Turn off JDK 8's lint checks: -->
|
|
||||||
<additionalparam>-Xdoclint:none</additionalparam>
|
|
||||||
</properties>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
<profile>
|
||||||
<id>sign</id>
|
<id>sign</id>
|
||||||
<build>
|
<build>
|
||||||
|
@ -433,6 +454,14 @@
|
||||||
</goals>
|
</goals>
|
||||||
</execution>
|
</execution>
|
||||||
</executions>
|
</executions>
|
||||||
|
<dependencies>
|
||||||
|
<!-- Workaround for Java 9 -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>commons-lang</groupId>
|
||||||
|
<artifactId>commons-lang</artifactId>
|
||||||
|
<version>2.6</version>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
</plugin>
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
|
|
|
@ -31,7 +31,7 @@ import java.util.Map;
|
||||||
* claims.{@link Map#put(Object, Object) put}("someKey", "someValue");
|
* claims.{@link Map#put(Object, Object) put}("someKey", "someValue");
|
||||||
* </pre>
|
* </pre>
|
||||||
*
|
*
|
||||||
* <h4>Creation</h4>
|
* <h3>Creation</h3>
|
||||||
*
|
*
|
||||||
* <p>It is easiest to create a {@code Claims} instance by calling one of the
|
* <p>It is easiest to create a {@code Claims} instance by calling one of the
|
||||||
* {@link Jwts#claims() JWTs.claims()} factory methods.</p>
|
* {@link Jwts#claims() JWTs.claims()} factory methods.</p>
|
||||||
|
|
|
@ -24,7 +24,7 @@ public final class CompressionCodecs {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Codec implementing the <a href="https://en.wikipedia.org/wiki/Gzip">gzip</a> compression algorithm.
|
* Codec implementing the <a href="https://en.wikipedia.org/wiki/Gzip">gzip</a> compression algorithm.
|
||||||
* <h5>Compatibility Warning</h5>
|
* <h3>Compatibility Warning</h3>
|
||||||
* <p><b>This is not a standard JWA compression algorithm</b>. Be sure to use this only when you are confident
|
* <p><b>This is not a standard JWA compression algorithm</b>. Be sure to use this only when you are confident
|
||||||
* that all parties accessing the token support the gzip algorithm.</p>
|
* that all parties accessing the token support the gzip algorithm.</p>
|
||||||
* <p>If you're concerned about compatibility, the {@link #DEFLATE DEFLATE} code is JWA standards-compliant.</p>
|
* <p>If you're concerned about compatibility, the {@link #DEFLATE DEFLATE} code is JWA standards-compliant.</p>
|
||||||
|
|
|
@ -30,7 +30,7 @@ import java.util.Map;
|
||||||
* header.{@link Map#put(Object, Object) put}("headerParamName", "headerParamValue");
|
* header.{@link Map#put(Object, Object) put}("headerParamName", "headerParamValue");
|
||||||
* </pre>
|
* </pre>
|
||||||
*
|
*
|
||||||
* <h4>Creation</h4>
|
* <h3>Creation</h3>
|
||||||
*
|
*
|
||||||
* <p>It is easiest to create a {@code Header} instance by calling one of the
|
* <p>It is easiest to create a {@code Header} instance by calling one of the
|
||||||
* {@link Jwts#header() JWTs.header()} factory methods.</p>
|
* {@link Jwts#header() JWTs.header()} factory methods.</p>
|
||||||
|
@ -113,7 +113,7 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
|
||||||
* Returns the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
|
* Returns the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
|
||||||
* (Compression Algorithm) header parameter value or {@code null} if not present.
|
* (Compression Algorithm) header parameter value or {@code null} if not present.
|
||||||
*
|
*
|
||||||
* <h5>Compatiblity Note</h5>
|
* <h3>Compatiblity Note</h3>
|
||||||
*
|
*
|
||||||
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
|
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
|
||||||
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
|
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
|
||||||
|
@ -130,8 +130,12 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
|
||||||
* Sets the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
|
* Sets the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
|
||||||
* (Compression Algorithm) header parameter value. A {@code null} value will remove
|
* (Compression Algorithm) header parameter value. A {@code null} value will remove
|
||||||
* the property from the JSON map.
|
* the property from the JSON map.
|
||||||
|
* <p>
|
||||||
|
* <p>The compression algorithm is NOT part of the <a href="https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-25">JWT specification</a>
|
||||||
|
* and must be used carefully since, is not expected that other libraries (including previous versions of this one)
|
||||||
|
* be able to deserialize a compressed JTW body correctly. </p>
|
||||||
*
|
*
|
||||||
* <h5>Compatiblity Note</h5>
|
* <h3>Compatiblity Note</h3>
|
||||||
*
|
*
|
||||||
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
|
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
|
||||||
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
|
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
|
||||||
|
|
|
@ -368,7 +368,7 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
|
||||||
* can be useful. For example, when embedding JWTs in URLs, some browsers may not support URLs longer than a
|
* can be useful. For example, when embedding JWTs in URLs, some browsers may not support URLs longer than a
|
||||||
* certain length. Using compression can help ensure the compact JWT fits within that length. However, NOTE:</p>
|
* certain length. Using compression can help ensure the compact JWT fits within that length. However, NOTE:</p>
|
||||||
*
|
*
|
||||||
* <h5>Compatibility Warning</h5>
|
* <h3>Compatibility Warning</h3>
|
||||||
*
|
*
|
||||||
* <p>The JWT family of specifications defines compression only for JWE (JSON Web Encryption)
|
* <p>The JWT family of specifications defines compression only for JWE (JSON Web Encryption)
|
||||||
* tokens. Even so, JJWT will also support compression for JWS tokens as well if you choose to use it.
|
* tokens. Even so, JJWT will also support compression for JWS tokens as well if you choose to use it.
|
||||||
|
|
|
@ -228,10 +228,10 @@ public interface JwtParser {
|
||||||
* Sets the {@link CompressionCodecResolver} used to acquire the {@link CompressionCodec} that should be used to
|
* Sets the {@link CompressionCodecResolver} used to acquire the {@link CompressionCodec} that should be used to
|
||||||
* decompress the JWT body. If the parsed JWT is not compressed, this resolver is not used.
|
* decompress the JWT body. If the parsed JWT is not compressed, this resolver is not used.
|
||||||
* <p><b>NOTE:</b> Compression is not defined by the JWT Specification, and it is not expected that other libraries
|
* <p><b>NOTE:</b> Compression is not defined by the JWT Specification, and it is not expected that other libraries
|
||||||
* (including JJWT versions < 0.6.0) are able to consume a compressed JWT body correctly. This method is only
|
* (including JJWT versions < 0.6.0) are able to consume a compressed JWT body correctly. This method is only
|
||||||
* useful if the compact JWT was compressed with JJWT >= 0.6.0 or another library that you know implements
|
* useful if the compact JWT was compressed with JJWT >= 0.6.0 or another library that you know implements
|
||||||
* the same behavior.</p>
|
* the same behavior.</p>
|
||||||
* <h5>Default Support</h5>
|
* <h3>Default Support</h3>
|
||||||
* <p>JJWT's default {@link JwtParser} implementation supports both the
|
* <p>JJWT's default {@link JwtParser} implementation supports both the
|
||||||
* {@link io.jsonwebtoken.impl.compression.DeflateCompressionCodec DEFLATE}
|
* {@link io.jsonwebtoken.impl.compression.DeflateCompressionCodec DEFLATE}
|
||||||
* and {@link io.jsonwebtoken.impl.compression.GzipCompressionCodec GZIP} algorithms by default - you do not need to
|
* and {@link io.jsonwebtoken.impl.compression.GzipCompressionCodec GZIP} algorithms by default - you do not need to
|
||||||
|
|
|
@ -130,6 +130,7 @@ public enum SignatureAlgorithm {
|
||||||
* following table:
|
* following table:
|
||||||
*
|
*
|
||||||
* <table>
|
* <table>
|
||||||
|
* <caption>Crypto Family</caption>
|
||||||
* <thead>
|
* <thead>
|
||||||
* <tr>
|
* <tr>
|
||||||
* <th>SignatureAlgorithm</th>
|
* <th>SignatureAlgorithm</th>
|
||||||
|
|
|
@ -38,7 +38,7 @@ import java.security.Key;
|
||||||
*
|
*
|
||||||
* <p>A {@code SigningKeyResolver} is invoked once during parsing before the signature is verified.</p>
|
* <p>A {@code SigningKeyResolver} is invoked once during parsing before the signature is verified.</p>
|
||||||
*
|
*
|
||||||
* <h4>SigningKeyResolverAdapter</h4>
|
* <h3>SigningKeyResolverAdapter</h3>
|
||||||
*
|
*
|
||||||
* <p>If you only need to resolve a signing key for a particular JWS (either a plaintext or Claims JWS), consider using
|
* <p>If you only need to resolve a signing key for a particular JWS (either a plaintext or Claims JWS), consider using
|
||||||
* the {@link io.jsonwebtoken.SigningKeyResolverAdapter} and overriding only the method you need to support instead of
|
* the {@link io.jsonwebtoken.SigningKeyResolverAdapter} and overriding only the method you need to support instead of
|
||||||
|
|
|
@ -67,7 +67,7 @@ public abstract class MacProvider extends SignatureProvider {
|
||||||
* according to the specified {@code SignatureAlgorithm} using the specified SecureRandom number generator. This
|
* according to the specified {@code SignatureAlgorithm} using the specified SecureRandom number generator. This
|
||||||
* implementation returns secure-random key sizes as follows:
|
* implementation returns secure-random key sizes as follows:
|
||||||
*
|
*
|
||||||
* <table> <thead> <tr> <th>Signature Algorithm</th> <th>Generated Key Size</th> </tr> </thead> <tbody> <tr>
|
* <table> <caption>Key Sizes</caption> <thead> <tr> <th>Signature Algorithm</th> <th>Generated Key Size</th> </tr> </thead> <tbody> <tr>
|
||||||
* <td>HS256</td> <td>256 bits (32 bytes)</td> </tr> <tr> <td>HS384</td> <td>384 bits (48 bytes)</td> </tr> <tr>
|
* <td>HS256</td> <td>256 bits (32 bytes)</td> </tr> <tr> <td>HS384</td> <td>384 bits (48 bytes)</td> </tr> <tr>
|
||||||
* <td>HS512</td> <td>512 bits (64 bytes)</td> </tr> </tbody> </table>
|
* <td>HS512</td> <td>512 bits (64 bytes)</td> </tr> </tbody> </table>
|
||||||
*
|
*
|
||||||
|
|
|
@ -18,10 +18,11 @@ public interface SerializationCodec {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Deserialize a {@code byte[]} to an {@code object} of an specific {@code type}
|
* Deserialize a {@code byte[]} to an {@code object} of an specific {@code type}
|
||||||
|
*
|
||||||
* <pre>
|
* <pre>
|
||||||
* bytes[] serialized = ...
|
* bytes[] serialized = ...
|
||||||
* Map instance = serializationCodec.deserialize(serialized, Map.class);
|
* Map instance = serializationCodec.deserialize(serialized, Map.class);
|
||||||
* <pre>
|
* </pre>
|
||||||
*
|
*
|
||||||
* @param bytes of the serialized object.
|
* @param bytes of the serialized object.
|
||||||
* @param targetClass of the instance to return.
|
* @param targetClass of the instance to return.
|
||||||
|
|
|
@ -438,7 +438,7 @@ public final class Strings {
|
||||||
* Quote the given String with single quotes.
|
* Quote the given String with single quotes.
|
||||||
* @param str the input String (e.g. "myString")
|
* @param str the input String (e.g. "myString")
|
||||||
* @return the quoted String (e.g. "'myString'"),
|
* @return the quoted String (e.g. "'myString'"),
|
||||||
* or <code>null<code> if the input was <code>null</code>
|
* or <code>null</code> if the input was <code>null</code>
|
||||||
*/
|
*/
|
||||||
public static String quote(String str) {
|
public static String quote(String str) {
|
||||||
return (str != null ? "'" + str + "'" : null);
|
return (str != null ? "'" + str + "'" : null);
|
||||||
|
@ -513,7 +513,7 @@ public final class Strings {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Extract the filename from the given path,
|
* Extract the filename from the given path,
|
||||||
* e.g. "mypath/myfile.txt" -> "myfile.txt".
|
* e.g. "mypath/myfile.txt" -> "myfile.txt".
|
||||||
* @param path the file path (may be <code>null</code>)
|
* @param path the file path (may be <code>null</code>)
|
||||||
* @return the extracted filename, or <code>null</code> if none
|
* @return the extracted filename, or <code>null</code> if none
|
||||||
*/
|
*/
|
||||||
|
@ -527,7 +527,7 @@ public final class Strings {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Extract the filename extension from the given path,
|
* Extract the filename extension from the given path,
|
||||||
* e.g. "mypath/myfile.txt" -> "txt".
|
* e.g. "mypath/myfile.txt" -> "txt".
|
||||||
* @param path the file path (may be <code>null</code>)
|
* @param path the file path (may be <code>null</code>)
|
||||||
* @return the extracted filename extension, or <code>null</code> if none
|
* @return the extracted filename extension, or <code>null</code> if none
|
||||||
*/
|
*/
|
||||||
|
@ -548,7 +548,7 @@ public final class Strings {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Strip the filename extension from the given path,
|
* Strip the filename extension from the given path,
|
||||||
* e.g. "mypath/myfile.txt" -> "mypath/myfile".
|
* e.g. "mypath/myfile.txt" -> "mypath/myfile".
|
||||||
* @param path the file path (may be <code>null</code>)
|
* @param path the file path (may be <code>null</code>)
|
||||||
* @return the path with stripped filename extension,
|
* @return the path with stripped filename extension,
|
||||||
* or <code>null</code> if none
|
* or <code>null</code> if none
|
||||||
|
|
Loading…
Reference in New Issue