TK-one
6fe3759d64
Fixed Javadoc and comment typos
...
Fixes : #294
2021-07-20 10:51:56 -04:00
Brian Demers
6b2843bded
Fix name of tests in DefaultJwtParserBuilder
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-07-09 17:08:56 -04:00
Brian Demers
04762e4d4e
Add and cleanup tests based on review feedback
...
* Add tests to verify the DefaultJwtParserBuilder will correctly wrap Deserializer implementations
* Cleanup string handling in JwtDeserializerTest
2021-07-09 17:08:56 -04:00
Brian Demers
52b2ab13d1
Apply suggestions from code review
...
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-07-09 17:08:56 -04:00
Brian Demers
8a11a4ed18
Adds handling for common JSON parsing exceptions and wraps them in a `JwtException`
...
Move the parser error handling logic out of DefaultJwtParser into the new JwtDeserializer and wraps them with developer freiendly exceptions
Add check for common JSON parsing exceptions like stack overflow when parsing deeply nested (or malformed) JSON
2021-07-09 17:08:56 -04:00
Tomasz Zarna
a4130dd1ec
Remove unused import of java.util.Arrays in RsaSignatureValidator
2021-03-10 10:14:13 -05:00
Brian Demers
901048aeac
Removes eager initialization of the CompressionCodecResolver in the JwtParserBuilder
...
This removes a potential service loader issue with OSGi runtimes.
Fixes : #578
2020-07-13 12:56:05 -04:00
Les Hazlewood
14b2f19b29
[maven-release-plugin] prepare for next development iteration
2020-06-11 15:50:09 -04:00
Les Hazlewood
274749373f
[maven-release-plugin] prepare release 0.11.2
2020-06-11 15:50:00 -04:00
Les Hazlewood
26527bd43c
Updated the pom snapshot versions to prepare for the upcoming 0.11.2 release
2020-06-11 14:16:29 -04:00
Les Hazlewood
72973f9b9b
Argument validation for allowedClockSkewSeconds ( #601 )
...
* 583: ensured setting allowedClockSkewSeconds to be greater than (Long.MAX_VALUE / 1000) will throw an IllegalArgumentException.
2020-06-11 13:46:03 -04:00
Philipp Zormeier
2b00ed1819
Add DefaultJwtParser functionality to parse JWSs with empty body. ( #540 )
...
* Add DefaultJwtParser functionality to parse JWSs with empty body.
* Review Fix: Change allowEmptyBody(boolean) to requirePayload(boolean). Set payloadRequired true for each require*() method in JwtParser and JwtParserBuilder.
* Add missing ImmutableJwtParserTest.
* Review changes: Moving to solution without payload requirement flag.
* Review changes: Allow empty Jwt payload
* Remove unused imports
Co-authored-by: Philipp Zormeier <philipp.zormeier@thoughtworks.com>
2020-06-08 14:07:10 -04:00
Carsten Ziegeler
403e1895e3
Attach implementation bundles as fragments to the API bundle to make them visible to the API bundle. This fixes jwtk#578 (jwtk#578) ( #580 )
2020-04-27 17:40:02 -04:00
Les Hazlewood
5616ba769a
[maven-release-plugin] prepare for next development iteration
2020-03-12 16:59:12 -04:00
Les Hazlewood
c09deaa5f3
[maven-release-plugin] prepare release 0.11.1
2020-03-12 16:59:05 -04:00
Les Hazlewood
c563365b97
Prepping for the 0.11.0 --> 0.11.1 release
2020-03-12 16:56:17 -04:00
Brian Demers
9e65ab7be0
Services now checks the contextClassLoader, Services.class.classLoader, and the system classloader
...
Fixes : #568
2020-03-12 15:43:37 -04:00
Les Hazlewood
23743f5a59
[maven-release-plugin] prepare for next development iteration
2020-02-05 12:29:05 -08:00
Les Hazlewood
3cd48fade7
[maven-release-plugin] prepare release 0.11.0
2020-02-05 12:28:58 -08:00
Les Hazlewood
c38f4af239
Ensured DeflateCompressionCodec could fallback to <= 0.10.6 implementation if encountering an IOException. This allows compressed JWTs created before 0.10.7 to still work. Fixes #536 ( #556 ) ( #557 )
2020-02-04 14:29:16 -08:00
Les Hazlewood
950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. ( #555 )
2020-02-04 00:10:39 -08:00
Brian Demers
2fd3f06b7b
Update SignatureValidator to use MessageDigest ( #548 )
2020-01-27 14:20:21 -05:00
Micah Silverman
dacdb2ce25
relocated Service.java to impl module (along with tests). ( #529 )
2019-10-27 17:13:49 -04:00
Brian Demers
7037d64d24
Reduce scope of Service Loader work to CompressionCodecs and JsonSerializers
...
Fixes : #458
2019-10-23 09:14:08 -07:00
Jaap Coomans
ef32a1386d
Use ServiceLoader instead of reflection to resolve implementation classes.
...
By using ServiceLoader the hardcoded dependency of implementation classes becomes obsolete, so that the API will be truly independent from the implementation. Also this approach paves the way for migration to JPMS modules, as these also leverage the ServiceLoader API.
Use ServiceLoader instead of reflection to resolve CompressionCodec implementation classes.
Isolate key- and key-pair generators and use ServiceLoader instead of reflection to invert dependencies.
Move FactoryLoader logic to Services class and improve package layout.
Resolve Deserializer using the ServiceLoader instead of reflection and hardcoded reference.
Resolve Serializer using the ServiceLoader instead of reflection and hardcoded reference.
2019-10-23 09:13:58 -07:00
Brian Demers
ebdb4426f6
Update version to 0.11.0-SNAPSHOT ( #506 )
...
via: `mvn versions:set -DnewVersion=0.11.0-SNAPSHOT -DgenerateBackupPoms=false`
2019-10-03 12:09:48 -04:00
Brian Demers
7eb9c514b0
Fixes test error caused by groovy type coercion ( #509 )
...
* Fixes test error caused by groovy type coercion
A long was being treated as a float
* Fixes test error caused by groovy type coercion
A long was being treated as a float
2019-10-03 12:09:23 -04:00
Brian Demers
94d151129d
Add JwtParserBuilder as the preferred way to create a JwtParser instance ( #486 )
...
- Added new JwtParserBuilder
- Copied mutator methods from JwtParser into new JwtParserBuilder
- Marked said methods as deprecated in JwtParser
- Copied JwtParserTest and JwtsTest to Deprecated*, as to retain coverage on methods that will be removed in 1.0
- Added ImmutableJwtParser
This is a stop gap until 1.0, all of the mutable methods will now throw a IllegalStateException.
NOTE: this only comes into place when using the new Jwts.parserBuilder(), Jwts.parser() is unchanged.
Fixes : #473
2019-10-01 12:03:20 -04:00
Brian Demers
7090bf39c3
Add support for custom type deserialization with Jackson ( #495 )
...
- Adds new constructor JacksonDeserializer(Map<String, Class> claimTypeMap), which will enable later calls Claims.get("key", CustomType.class) to work as expectd
- Adds new Maps utility class to make map creation fluent
Fixes : #369
2019-09-30 17:24:57 -04:00
Brian Demers
6e74be0b8d
Fix split package issue in extensions/jackson and extensions/orgjson ( #488 )
...
* Fix split package issue in extensions/jackson and extensions/orgjson
This moves the implementation specific classes:
- `io.jsonwebtoken.io.Jackson*` to `io.jsonwebtoken.jackson.io.Jackson*`
- `io.jsonwebtoken.io.OrgJson*` to `io.jsonwebtoken.orgjson.io.OrgJson*`
* Add Backwards Compatibility Warning to CHANGELOG
* Add `jjwt-jackson:deprecated` and `jjwt-orgjson:deprecated` modules to retain backward-compatible versions of the Jackson and OrgJson Serializers (this is built with the shade plugin and binary compatibility validated with japicmp)
Fixes : #399
2019-09-27 17:11:19 -04:00
Brian Demers
5339faf87f
Add license-maven-plugin to mange headers
...
and apply missing headers
usage:
# validate license headers exist
mvn license:check
# apply headers (to files without headers)
mvn license:format
2019-09-17 16:19:07 -04:00
Les Hazlewood
ff8a6bfe58
Merge pull request #414 from patton73/master
...
Added Gson serialization/deserialization Extension
2019-07-17 22:13:58 -04:00
patton73
73f7f9915b
Fixes for reviews. Hope i did not forget something.
2019-07-17 22:51:18 +02:00
patton73
2bb8e4d02e
Fixes for reviews. Hope i did not forget something.
2019-07-17 22:46:18 +02:00
Andrea Paternesi
e3a172b93d
Fix to pom file.
2019-07-16 16:41:58 +02:00
Andrea Paternesi
222032a208
Final fix. Typo fixes. And test coverage.
2019-07-16 16:36:12 +02:00
Andrea Paternesi
134f25b536
Fix locator paths and added tests.
2019-07-16 16:19:13 +02:00
patton73
fd52e0ffc2
Merge remote-tracking branch 'upstream/master'
2019-07-15 20:51:57 +02:00
Paul Polishchuk
dd638c2b3a
JwtBuilder.setClaims() now accepts `Map<String, ?> claims`
...
This would allow to pass `Map<String,String>`
2019-07-15 10:46:02 +03:00
Les Hazlewood
caa7b0e942
[maven-release-plugin] prepare for next development iteration
2019-07-11 20:12:25 -04:00
Les Hazlewood
b292b891ca
[maven-release-plugin] prepare release 0.10.7
2019-07-11 20:12:20 -04:00
patton73
9bf487f0b7
Updated RuntimeClasspath Serializer/Deserializer
2019-06-21 19:55:05 +02:00
Les Hazlewood
af72fabbf3
Refactored DeflateCompressionCodec to eliminate memory leak. Refactored GzipCompressionCodec and AbstractCompressionCodec to utilize consistent logic across compression algorithms. Resolves #392 .
2019-03-10 12:01:37 -04:00
Francois JACQUES
1b5b89304a
Fixes #397 : avoid dependency side effect to affect choice of json serializer/deserializer.
2019-03-10 11:59:31 -04:00
Les Hazlewood
70e6845b82
Ensure version is 0.10.7-SNAPSHOT to prep for the next release.
2019-03-10 11:59:31 -04:00
Micah Silverman
af73a02786
[maven-release-plugin] prepare for next development iteration
2019-02-25 13:33:47 -05:00
Micah Silverman
d29d6da989
[maven-release-plugin] prepare release jjwt-root-0.10.6
2019-02-25 13:33:39 -05:00
Les Hazlewood
bcfc0655e4
[maven-release-plugin] prepare for next development iteration
2018-08-13 20:28:38 -04:00
Les Hazlewood
2ceae3bc37
[maven-release-plugin] prepare release 0.10.3
2018-08-13 20:28:32 -04:00
Les Hazlewood
85d8920d79
Ensured symmetric logic between the Keys and SignatureAlgorithm helper methods for hmac key lengths.
...
Updated Android dependencies and ProGuard exclusion definitions
Updating docs to reflect 0.10.3 release
Resolves #381 , #382
2018-08-13 20:26:14 -04:00