honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

0.12.4 staging (#913) 

Released 0.12.4, with the following additional changes:

- Added 0.12.4 release version references
- Added CI 'workflow_dispatch' event trigger
- Changed git url from ssh to https
This commit is contained in:
lhazlewood 2024-01-28 16:52:21 -08:00 committed by GitHub
parent dd10b12b53
commit afcd889832
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
17 changed files with 41 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/ci.yml vendored
View File

@ -1,6 +1,7 @@
name: CI name: CI
on: on:
workflow_dispatch:
pull_request: # all pull requests pull_request: # all pull requests
push: push:
branches: branches:

26
README.md
View File

@ -543,18 +543,18 @@ If you're building a (non-Android) JDK project, you will want to define the foll
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId> <artifactId>jjwt-api</artifactId>
<version>0.12.3</version> <version>0.12.4</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId> <artifactId>jjwt-impl</artifactId>
<version>0.12.3</version> <version>0.12.4</version>
<scope>runtime</scope> <scope>runtime</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId> <!-- or jjwt-gson if Gson is preferred --> <artifactId>jjwt-jackson</artifactId> <!-- or jjwt-gson if Gson is preferred -->
<version>0.12.3</version> <version>0.12.4</version>
<scope>runtime</scope> <scope>runtime</scope>
</dependency> </dependency>
<!-- Uncomment this next dependency if you are using: <!-- Uncomment this next dependency if you are using:
@ -577,9 +577,9 @@ If you're building a (non-Android) JDK project, you will want to define the foll
```groovy ```groovy
dependencies { dependencies {
implementation 'io.jsonwebtoken:jjwt-api:0.12.3' implementation 'io.jsonwebtoken:jjwt-api:0.12.4'
runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.3' runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.4'
runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.3' // or 'io.jsonwebtoken:jjwt-gson:0.12.3' for gson runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.4' // or 'io.jsonwebtoken:jjwt-gson:0.12.4' for gson
/* /*
Uncomment this next dependency if you are using: Uncomment this next dependency if you are using:
- JDK 10 or earlier, and you want to use RSASSA-PSS (PS256, PS384, PS512) signature algorithms. - JDK 10 or earlier, and you want to use RSASSA-PSS (PS256, PS384, PS512) signature algorithms.
@ -604,9 +604,9 @@ Add the dependencies to your project:
```groovy ```groovy
dependencies { dependencies {
api('io.jsonwebtoken:jjwt-api:0.12.3') api('io.jsonwebtoken:jjwt-api:0.12.4')
runtimeOnly('io.jsonwebtoken:jjwt-impl:0.12.3') runtimeOnly('io.jsonwebtoken:jjwt-impl:0.12.4')
runtimeOnly('io.jsonwebtoken:jjwt-orgjson:0.12.3') { runtimeOnly('io.jsonwebtoken:jjwt-orgjson:0.12.4') {
exclude(group: 'org.json', module: 'json') //provided by Android natively exclude(group: 'org.json', module: 'json') //provided by Android natively
} }
/* /*
@ -3040,7 +3040,7 @@ scope which is the typical JJWT default). That is:
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId> <artifactId>jjwt-jackson</artifactId>
<version>0.12.3</version> <version>0.12.4</version>
<scope>compile</scope> <!-- Not runtime --> <scope>compile</scope> <!-- Not runtime -->
</dependency> </dependency>
``` ```
@ -3049,7 +3049,7 @@ scope which is the typical JJWT default). That is:
```groovy ```groovy
dependencies { dependencies {
implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3' implementation 'io.jsonwebtoken:jjwt-jackson:0.12.4'
} }
``` ```
@ -3157,7 +3157,7 @@ scope which is the typical JJWT default). That is:
<dependency> <dependency>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-gson</artifactId> <artifactId>jjwt-gson</artifactId>
<version>0.12.3</version> <version>0.12.4</version>
<scope>compile</scope> <!-- Not runtime --> <scope>compile</scope> <!-- Not runtime -->
</dependency> </dependency>
``` ```
@ -3166,7 +3166,7 @@ scope which is the typical JJWT default). That is:
```groovy ```groovy
dependencies { dependencies {
implementation 'io.jsonwebtoken:jjwt-gson:0.12.3' implementation 'io.jsonwebtoken:jjwt-gson:0.12.4'
} }
``` ```

2
api/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>

2
extensions/gson/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath> <relativePath>../../pom.xml</relativePath>
</parent> </parent>

2
extensions/jackson/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath> <relativePath>../../pom.xml</relativePath>
</parent> </parent>

1
extensions/jackson/src/test/groovy/io/jsonwebtoken/jackson/io/JacksonDeserializerTest.groovy
View File

@ -123,6 +123,7 @@ class JacksonDeserializerTest {
/** /**
* Asserts https://github.com/jwtk/jjwt/issues/877 * Asserts https://github.com/jwtk/jjwt/issues/877
* @since 0.12.4
*/ */
@Test @Test
void testStrictDuplicateDetection() { void testStrictDuplicateDetection() {

2
extensions/orgjson/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath> <relativePath>../../pom.xml</relativePath>
</parent> </parent>

2
extensions/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>

2
impl/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>

4
impl/src/main/java/io/jsonwebtoken/impl/DelegatingClaimsMutator.java
View File

@ -47,7 +47,7 @@ public class DelegatingClaimsMutator<T extends MapMutator<String, Object, T> & C
return self(); return self();
} }
@Override @Override // override starting in 0.12.4
public Object put(String key, Object value) { public Object put(String key, Object value) {
if (AUDIENCE_STRING.getId().equals(key)) { // https://github.com/jwtk/jjwt/issues/890 if (AUDIENCE_STRING.getId().equals(key)) { // https://github.com/jwtk/jjwt/issues/890
if (value instanceof String) { if (value instanceof String) {
@ -63,7 +63,7 @@ public class DelegatingClaimsMutator<T extends MapMutator<String, Object, T> & C
return super.put(key, value); return super.put(key, value);
} }
@Override @Override // overridden starting in 0.12.4
public void putAll(Map<? extends String, ?> m) { public void putAll(Map<? extends String, ?> m) {
if (m == null) return; if (m == null) return;
for (Map.Entry<? extends String, ?> entry : m.entrySet()) { for (Map.Entry<? extends String, ?> entry : m.entrySet()) {

1
impl/src/main/java/io/jsonwebtoken/impl/lang/Services.java
View File

@ -65,6 +65,7 @@ public final class Services {
* @param <T> The type of the SPI * @param <T> The type of the SPI
* @return The first available instance of the service. * @return The first available instance of the service.
* @throws UnavailableImplementationException When no implementation of the SPI class can be found. * @throws UnavailableImplementationException When no implementation of the SPI class can be found.
* @since 0.12.4
*/ */
public static <T> T get(Class<T> spi) { public static <T> T get(Class<T> spi) {
// TODO: JDK8, replace this find/putIfAbsent logic with ConcurrentMap.computeIfAbsent // TODO: JDK8, replace this find/putIfAbsent logic with ConcurrentMap.computeIfAbsent

5
impl/src/main/java/io/jsonwebtoken/impl/security/AesAlgorithm.java
View File

@ -55,6 +55,11 @@ abstract class AesAlgorithm extends CryptoAlgorithm implements KeyBuilderSupplie
protected final int tagBitLength; protected final int tagBitLength;
protected final boolean gcm; protected final boolean gcm;
/**
* Ensures {@code keyBitLength is a valid AES key length}
* @param keyBitLength the key length (in bits) to check
* @since 0.12.4
*/
static void assertKeyBitLength(int keyBitLength) { static void assertKeyBitLength(int keyBitLength) {
if (keyBitLength == 128 || keyBitLength == 192 || keyBitLength == 256) return; // valid if (keyBitLength == 128 || keyBitLength == 192 || keyBitLength == 256) return; // valid
String msg = "Invalid AES key length: " + Bytes.bitsMsg(keyBitLength) + ". AES only supports " + String msg = "Invalid AES key length: " + Bytes.bitsMsg(keyBitLength) + ". AES only supports " +

1
impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy
View File

@ -44,6 +44,7 @@ class AbstractEcJwkFactoryTest {
/** /**
* Asserts correct behavior per https://github.com/jwtk/jjwt/issues/901 * Asserts correct behavior per https://github.com/jwtk/jjwt/issues/901
* @since 0.12.4
*/ */
@Test @Test
void fieldElementByteArrayLength() { void fieldElementByteArrayLength() {

3
impl/src/test/groovy/io/jsonwebtoken/impl/security/Pbes2HsAkwAlgorithmTest.groovy
View File

@ -53,6 +53,9 @@ class Pbes2HsAkwAlgorithmTest {
} }
} }
/**
* @since 0.12.4
*/
@Test @Test
void testExceedsMaxIterations() { void testExceedsMaxIterations() {
for (Pbes2HsAkwAlgorithm alg : ALGS) { for (Pbes2HsAkwAlgorithm alg : ALGS) {

4
impl/src/test/groovy/io/jsonwebtoken/impl/security/SecretJwkFactoryTest.groovy
View File

@ -131,6 +131,9 @@ class SecretJwkFactoryTest {
assertEquals 'AES', result.toKey().getAlgorithm() assertEquals 'AES', result.toKey().getAlgorithm()
} }
/**
* @since 0.12.4
*/
@Test @Test
// 'oct' type, but 'alg' value is not a secret key algorithm (and therefore malformed) // 'oct' type, but 'alg' value is not a secret key algorithm (and therefore malformed)
void testMismatchedAlgorithm() { void testMismatchedAlgorithm() {
@ -176,6 +179,7 @@ class SecretJwkFactoryTest {
* *
* This test asserts this allowed behavior per https://github.com/jwtk/jjwt/issues/905 * This test asserts this allowed behavior per https://github.com/jwtk/jjwt/issues/905
* @see <a href="https://github.com/jwtk/jjwt/issues/905">JJWT Issue 905</a> * @see <a href="https://github.com/jwtk/jjwt/issues/905">JJWT Issue 905</a>
* @since 0.12.4
*/ */
@Test @Test
void testAllowedKeyLengths() { void testAllowedKeyLengths() {

6
pom.xml
View File

@ -19,7 +19,7 @@
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<name>JJWT</name> <name>JJWT</name>
<description>JSON Web Token support for the JVM and Android</description> <description>JSON Web Token support for the JVM and Android</description>
<packaging>pom</packaging> <packaging>pom</packaging>
@ -50,8 +50,8 @@
<scm> <scm>
<connection>scm:git:https://github.com/jwtk/jjwt.git</connection> <connection>scm:git:https://github.com/jwtk/jjwt.git</connection>
<developerConnection>scm:git:git@github.com:jwtk/jjwt.git</developerConnection> <developerConnection>scm:git:https://github.com/jwtk/jjwt.git</developerConnection>
<url>git@github.com:jwtk/jjwt.git</url> <url>https://github.com/jwtk/jjwt.git</url>
<tag>HEAD</tag> <tag>HEAD</tag>
</scm> </scm>
<issueManagement> <issueManagement>

2
tdjar/pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-root</artifactId> <artifactId>jjwt-root</artifactId>
<version>0.12.4-SNAPSHOT</version> <version>0.12.5-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath> <relativePath>../pom.xml</relativePath>
</parent> </parent>