0.12.4 staging (#913)

Released 0.12.4, with the following additional changes:

- Added 0.12.4 release version references
- Added CI 'workflow_dispatch' event trigger
- Changed git url from ssh to https

.github/workflows/ci.yml

@@ -1,6 +1,7 @@
 name: CI
 
 on:
+  workflow_dispatch: 
   pull_request: # all pull requests
   push:
     branches:

README.md

@@ -543,18 +543,18 @@ If you're building a (non-Android) JDK project, you will want to define the foll
 <dependency>
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-api</artifactId>
-    <version>0.12.3</version>
+    <version>0.12.4</version>
 </dependency>
 <dependency>
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-impl</artifactId>
-    <version>0.12.3</version>
+    <version>0.12.4</version>
     <scope>runtime</scope>
 </dependency>
 <dependency>
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-jackson</artifactId> <!-- or jjwt-gson if Gson is preferred -->
-    <version>0.12.3</version>
+    <version>0.12.4</version>
     <scope>runtime</scope>
 </dependency>
 <!-- Uncomment this next dependency if you are using:
@@ -577,9 +577,9 @@ If you're building a (non-Android) JDK project, you will want to define the foll
 
 ```groovy
 dependencies {
-    implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
-    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.3'
-    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.3' // or 'io.jsonwebtoken:jjwt-gson:0.12.3' for gson
+    implementation 'io.jsonwebtoken:jjwt-api:0.12.4'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.4'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.4' // or 'io.jsonwebtoken:jjwt-gson:0.12.4' for gson
     /* 
       Uncomment this next dependency if you are using:
        - JDK 10 or earlier, and you want to use RSASSA-PSS (PS256, PS384, PS512) signature algorithms.
@@ -604,9 +604,9 @@ Add the dependencies to your project:
 
 ```groovy
 dependencies {
-    api('io.jsonwebtoken:jjwt-api:0.12.3')
-    runtimeOnly('io.jsonwebtoken:jjwt-impl:0.12.3') 
-    runtimeOnly('io.jsonwebtoken:jjwt-orgjson:0.12.3') {
+    api('io.jsonwebtoken:jjwt-api:0.12.4')
+    runtimeOnly('io.jsonwebtoken:jjwt-impl:0.12.4') 
+    runtimeOnly('io.jsonwebtoken:jjwt-orgjson:0.12.4') {
         exclude(group: 'org.json', module: 'json') //provided by Android natively
     }
     /* 
@@ -3040,7 +3040,7 @@ scope which is the typical JJWT default).  That is:
 <dependency>
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-jackson</artifactId>
-    <version>0.12.3</version>
+    <version>0.12.4</version>
     <scope>compile</scope> <!-- Not runtime -->
 </dependency>
 ```
@@ -3049,7 +3049,7 @@ scope which is the typical JJWT default).  That is:
 
 ```groovy
 dependencies {
-    implementation 'io.jsonwebtoken:jjwt-jackson:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-jackson:0.12.4'
 }
 ```
 
@@ -3157,7 +3157,7 @@ scope which is the typical JJWT default).  That is:
 <dependency>
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-gson</artifactId>
-    <version>0.12.3</version>
+    <version>0.12.4</version>
     <scope>compile</scope> <!-- Not runtime -->
 </dependency>
 ```
@@ -3166,7 +3166,7 @@ scope which is the typical JJWT default).  That is:
 
 ```groovy
 dependencies {
-    implementation 'io.jsonwebtoken:jjwt-gson:0.12.3'
+    implementation 'io.jsonwebtoken:jjwt-gson:0.12.4'
 }
 ```
 

api/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

extensions/gson/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

extensions/jackson/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

extensions/jackson/src/test/groovy/io/jsonwebtoken/jackson/io/JacksonDeserializerTest.groovy

@@ -123,6 +123,7 @@ class JacksonDeserializerTest {
 
     /**
      * Asserts https://github.com/jwtk/jjwt/issues/877
+     * @since 0.12.4
      */
     @Test
     void testStrictDuplicateDetection() {

extensions/orgjson/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

extensions/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

impl/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

impl/src/main/java/io/jsonwebtoken/impl/DelegatingClaimsMutator.java

@@ -47,7 +47,7 @@ public class DelegatingClaimsMutator<T extends MapMutator<String, Object, T> & C
         return self();
     }
 
-    @Override
+    @Override // override starting in 0.12.4
     public Object put(String key, Object value) {
         if (AUDIENCE_STRING.getId().equals(key)) { // https://github.com/jwtk/jjwt/issues/890
             if (value instanceof String) {
@@ -63,7 +63,7 @@ public class DelegatingClaimsMutator<T extends MapMutator<String, Object, T> & C
         return super.put(key, value);
     }
 
-    @Override
+    @Override // overridden starting in 0.12.4
     public void putAll(Map<? extends String, ?> m) {
         if (m == null) return;
         for (Map.Entry<? extends String, ?> entry : m.entrySet()) {

impl/src/main/java/io/jsonwebtoken/impl/lang/Services.java

@@ -65,6 +65,7 @@ public final class Services {
      * @param <T> The type of the SPI
      * @return The first available instance of the service.
      * @throws UnavailableImplementationException When no implementation of the SPI class can be found.
+     * @since 0.12.4
      */
     public static <T> T get(Class<T> spi) {
         // TODO: JDK8, replace this find/putIfAbsent logic with ConcurrentMap.computeIfAbsent

impl/src/main/java/io/jsonwebtoken/impl/security/AesAlgorithm.java

@@ -55,6 +55,11 @@ abstract class AesAlgorithm extends CryptoAlgorithm implements KeyBuilderSupplie
     protected final int tagBitLength;
     protected final boolean gcm;
 
+    /**
+     * Ensures {@code keyBitLength is a valid AES key length}
+     * @param keyBitLength the key length (in bits) to check
+     * @since 0.12.4
+     */
     static void assertKeyBitLength(int keyBitLength) {
         if (keyBitLength == 128 || keyBitLength == 192 || keyBitLength == 256) return; // valid
         String msg = "Invalid AES key length: " + Bytes.bitsMsg(keyBitLength) + ". AES only supports " +

impl/src/test/groovy/io/jsonwebtoken/impl/security/AbstractEcJwkFactoryTest.groovy

@@ -44,6 +44,7 @@ class AbstractEcJwkFactoryTest {
 
     /**
      * Asserts correct behavior per https://github.com/jwtk/jjwt/issues/901
+     * @since 0.12.4
      */
     @Test
     void fieldElementByteArrayLength() {

impl/src/test/groovy/io/jsonwebtoken/impl/security/Pbes2HsAkwAlgorithmTest.groovy

@@ -53,6 +53,9 @@ class Pbes2HsAkwAlgorithmTest {
         }
     }
 
+    /**
+     * @since 0.12.4
+     */
     @Test
     void testExceedsMaxIterations() {
         for (Pbes2HsAkwAlgorithm alg : ALGS) {

impl/src/test/groovy/io/jsonwebtoken/impl/security/SecretJwkFactoryTest.groovy

@@ -131,6 +131,9 @@ class SecretJwkFactoryTest {
         assertEquals 'AES', result.toKey().getAlgorithm()
     }
 
+    /**
+     * @since 0.12.4
+     */
     @Test
     // 'oct' type, but 'alg' value is not a secret key algorithm (and therefore malformed)
     void testMismatchedAlgorithm() {
@@ -176,6 +179,7 @@ class SecretJwkFactoryTest {
      *
      * This test asserts this allowed behavior per https://github.com/jwtk/jjwt/issues/905
      * @see <a href="https://github.com/jwtk/jjwt/issues/905">JJWT Issue 905</a>
+     * @since 0.12.4
      */
     @Test
     void testAllowedKeyLengths() {

pom.xml

@@ -19,7 +19,7 @@
 
     <groupId>io.jsonwebtoken</groupId>
     <artifactId>jjwt-root</artifactId>
-    <version>0.12.4-SNAPSHOT</version>
+    <version>0.12.5-SNAPSHOT</version>
     <name>JJWT</name>
     <description>JSON Web Token support for the JVM and Android</description>
     <packaging>pom</packaging>
@@ -50,8 +50,8 @@
 
     <scm>
         <connection>scm:git:https://github.com/jwtk/jjwt.git</connection>
-        <developerConnection>scm:git:git@github.com:jwtk/jjwt.git</developerConnection>
-        <url>git@github.com:jwtk/jjwt.git</url>
+        <developerConnection>scm:git:https://github.com/jwtk/jjwt.git</developerConnection>
+        <url>https://github.com/jwtk/jjwt.git</url>
         <tag>HEAD</tag>
     </scm>
     <issueManagement>

tdjar/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>io.jsonwebtoken</groupId>
         <artifactId>jjwt-root</artifactId>
-        <version>0.12.4-SNAPSHOT</version>
+        <version>0.12.5-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>