Commit Graph

99 Commits

Author SHA1 Message Date
Les Hazlewood 3cd48fade7 [maven-release-plugin] prepare release 0.11.0 2020-02-05 12:28:58 -08:00
Les Hazlewood 950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. (#555) 2020-02-04 00:10:39 -08:00
dependabot[bot] eadf0ce4fc Bump jackson-databind from 2.9.10 to 2.9.10.1 (#532)
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10 to 2.9.10.1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
2019-11-13 09:33:35 +01:00
Christian Schneider bf7e300d6b Remove extensions true, move jar plugin near bundle-plugin to show th… (#514)
* Remove extensions true, move jar plugin near bundle-plugin to show their configs are related

* Reverted to original version to make sure it still works on jdk7
2019-10-09 11:15:30 -04:00
Brian Demers ebdb4426f6
Update version to 0.11.0-SNAPSHOT (#506)
via: `mvn versions:set -DnewVersion=0.11.0-SNAPSHOT -DgenerateBackupPoms=false`
2019-10-03 12:09:48 -04:00
Brian Demers a0060d60f9
Fix duplicate japicmp plugin definition in root pom (#504)
Merge japicmp plugin definitions - caused by a merge
2019-09-30 14:59:21 -04:00
Brian Demers 6e74be0b8d
Fix split package issue in extensions/jackson and extensions/orgjson (#488)
* Fix split package issue in extensions/jackson and extensions/orgjson

This moves the implementation specific classes:
- `io.jsonwebtoken.io.Jackson*` to `io.jsonwebtoken.jackson.io.Jackson*`
- `io.jsonwebtoken.io.OrgJson*` to `io.jsonwebtoken.orgjson.io.OrgJson*`

* Add Backwards Compatibility Warning to CHANGELOG
* Add `jjwt-jackson:deprecated` and `jjwt-orgjson:deprecated` modules to retain backward-compatible versions of the Jackson and OrgJson Serializers (this is built with the shade plugin and binary compatibility validated with japicmp)

Fixes: #399
2019-09-27 17:11:19 -04:00
Christian Schneider b5958202c0 Reenable using the manifest from maven-bundle-plugin run (#503)
* Reenable using the manifest from maven-bundle-plugin run

* Also enable manifest changes again

* Remove import tweaks. Add optional bnd.bnd config
2019-09-27 13:52:45 -04:00
Brian Demers c246385be1
Updating to jackson-databind 2.9.10 (#498) 2019-09-25 14:28:34 -04:00
Brian Demers b327aeab7e Add support for testing with JDK11
There were a couple issues preventing running the build with Java 11
- A groovy bug - fixed with a version bump https://issues.apache.org/jira/browse/GROOVY-8727
- The ASM version that is embedded in easymock does NOT support Java 11 classes - worked around by stubbing out those usages instead
- javadoc modules issue - fixed by setting the Javadoc source version to 1.7
2019-09-24 18:57:06 -04:00
Brian Demers 5339faf87f
Add license-maven-plugin to mange headers
and apply missing headers

usage:
# validate license headers exist
mvn license:check

# apply headers (to files without headers)
mvn license:format
2019-09-17 16:19:07 -04:00
Brian Demers 718f357c58 Upgrade Jackson Databind 2.9.9.3
Fixes: #484
2019-09-12 17:45:36 -04:00
patton73 2bb8e4d02e Fixes for reviews. Hope i did not forget something. 2019-07-17 22:46:18 +02:00
Andrea Paternesi bb1fb76ce9 last fix to the pom? 2019-07-16 17:00:20 +02:00
Andrea Paternesi 262c527674 Fix locator paths and added tests. 2019-07-16 16:19:23 +02:00
Les Hazlewood caa7b0e942 [maven-release-plugin] prepare for next development iteration 2019-07-11 20:12:25 -04:00
Les Hazlewood b292b891ca [maven-release-plugin] prepare release 0.10.7 2019-07-11 20:12:20 -04:00
Les Hazlewood 4ae8f6d9c9 Issue 461: upgraded Jackson version to 2.9.9.1. Fixes #461. 2019-07-11 16:05:52 -04:00
Les Hazlewood 70e6845b82 Ensure version is 0.10.7-SNAPSHOT to prep for the next release. 2019-03-10 11:59:31 -04:00
Micah Silverman af73a02786 [maven-release-plugin] prepare for next development iteration 2019-02-25 13:33:47 -05:00
Micah Silverman d29d6da989 [maven-release-plugin] prepare release jjwt-root-0.10.6 2019-02-25 13:33:39 -05:00
Micah Silverman 79507b9f66 udpated jackson databind version to fix security vulnerability 2019-02-21 14:44:49 -08:00
Les Hazlewood 1839ebf5e8 # This is a combination of 2 commits.
# This is the 1st commit message:

[maven-release-plugin] prepare for next development iteration

# This is the commit message #2:

rebased from master before merge
2018-08-07 13:59:15 -04:00
Les Hazlewood d7071faeae [maven-release-plugin] prepare release 0.10.2 2018-08-07 13:43:48 -04:00
Les Hazlewood f19c34a763 Ensured JJWT's org.json use is compatible with Android's org.json API as defined in https://developer.android.com/reference/org/json/package-summary. Resolves #380. 2018-08-07 13:32:20 -04:00
Les Hazlewood 5e5f29d8b1 [maven-release-plugin] prepare release 0.10.1 2018-08-02 17:30:09 -04:00
Les Hazlewood 7f662627cc Ensured BouncyCastle was optional. Also ensured EllipticCurve algorithms could be used without BouncyCastle since the JDK supports EC by default. Moved RuntimeEnvironment.enableBouncyCastleIfPossible() call out of SignatureAlgorithm into RsaProvider since BC is only necessary for RSASSA-PSS algorithms (PS256, PS384, PS512) and nothing else in JJWT's codebase.
Resolves #372
2018-08-02 16:59:59 -04:00
Les Hazlewood b58e1b6dc5 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:10:41 -04:00
Les Hazlewood 6b980553cf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:10:34 -04:00
Les Hazlewood 17af933665 [maven-release-plugin] rollback the release of 0.10.0 2018-08-01 18:02:51 -04:00
Les Hazlewood 9cfd861250 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:00:33 -04:00
Les Hazlewood cd62ed1bbf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:00:27 -04:00
Les Hazlewood 3237b720bd - Enabled maven profile for JDK >= 9 that will add a surefire <argLine> with '--add-opens java.base/jdk.internal.loader=ALL-UNNAMED' to ensure module reflection can occur during tests.
- Disabled travis openjdk11 and oraclejdk-ea builds - those build environments are not currently stable

Resolves #364
2018-07-30 14:52:11 -04:00
Les Hazlewood 9d244b9fca Added new io.jsonwebtoken.crypto.Keys utility class for generating SecretKeys and KeyPairs. Resolves #350 2018-07-24 22:55:02 -04:00
Les Hazlewood f756408c60 353: upgraded bouncycastle to the latest stable 1.60 release. 2018-07-20 15:55:43 -04:00
Les Hazlewood 439c027c2e 348: Reorganize into a multi-module project. Includes test enhancements and code reorganization 2018-07-20 12:18:40 -04:00
Les Hazlewood 8afca0d0df 335: initial pluggable JSON (de)serialization support with Jackson and org.json as the first implementations, with Jackson being the default. Added tests to retain 100% code coverage. 2018-07-11 16:36:09 -04:00
Les Hazlewood 6e1415c441 - Implemented new Base64 encoder forked from MigBase64 to guarantee deterministic behavior on all JDK and Android platforms
- Allowed pluggable Encoder/Decoder for JWT building and parsing via new Encoder/Decoder and JwtBuilder#base64UrlEncodeWith
  and JwtParser#base64UrlDecodeWith methods respectively
- added RFC 4648 Base64 test vectors per code review
- Added tests for all new code to retain 100% code coverage, verified by Clover and Coveralls
- Enabled oraclejdk10 and openjdk10 builds in TravisCI
- Replaced gmaven plugin with gmavenplus to work on JDK >= 9
- Upgraded surefire and failsafe plugins to 2.22.0 to ensure build works on JDK >= 10
- Ensured JavaDoc linter wouldn't fail the build for JDK >= 8 (was previously only 1.8)
- Updated changelog doc to reflect new Base64 functionality
2018-07-08 20:29:49 -04:00
Les Hazlewood 47b6dad521 fixed master version - should always be a Maj.min.0-SNAPSHOT version. 2018-07-08 19:54:36 -04:00
Les Hazlewood 3ec0d1c8a0 merged from 0.9.x to pickup jackson upgrade 2018-07-05 18:31:37 -04:00
Les Hazlewood 15f5f253e7 Upgraded Jackson to latest stable 2.9.6. Fixes #337. 2018-07-05 17:59:23 -04:00
Les Hazlewood 3a9fecfd06
Merge branch '0.9.x' into Issue302_UpdateJackson 2018-07-05 12:46:11 -04:00
Les Hazlewood d8da276d9d updating for 0.9.x development 2018-07-05 12:42:08 -04:00
John Bard c7561b639b closes #302: Update jackson version
* Updates jackson-databind version to 2.8.11.1 to fix CVE-2017-17485

Signed-off-by: John Bard <jbard@vmware.com>
2018-03-02 10:17:08 -05:00
Mark Kempster e9ea740c4b Add project.url to satisfy the dependency-check-maven plugin
The MANIFEST.MF contains an Implementation-URL key, that comes from
project.url if defined. If not defined, jjwt's url comes from sonatype
which seems to falsely associate it with a sonatype/nexus CVE and
fails the project build.

https://github.com/jwtk/jjwt/issues/234
2017-10-19 22:47:26 -04:00
Micah Silverman 07f3388d08 [maven-release-plugin] prepare for next development iteration 2017-10-10 15:11:27 -04:00
Micah Silverman 6f4086d7f1 [maven-release-plugin] prepare release jjwt-0.9.0 2017-10-10 15:11:23 -04:00
Micah Silverman d229631af4 Added Java 9 build to Travis file. 2017-10-09 20:25:57 -04:00
Micah Silverman 91fd0fd3b4 Added support for Java 9 build and test run. Does not impact Java 8 build and test. Overrode some OSS version dependency version defaults to support Java 9. Updated javadocs in code to pass java 9 linter. 2017-10-09 20:15:18 -04:00
Micah Silverman 8248b6a38a [maven-release-plugin] prepare for next development iteration 2017-09-26 12:05:22 -04:00