honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
403 Commits 16 Branches 33 Tags 154 MiB
Commit Graph

88 Commits

Author SHA1 Message Date
Brian Demers 718f357c58 Upgrade Jackson Databind 2.9.9.3 
Fixes: #484
 2019-09-12 17:45:36 -04:00
patton73 2bb8e4d02e Fixes for reviews. Hope i did not forget something. 2019-07-17 22:46:18 +02:00
Andrea Paternesi bb1fb76ce9 last fix to the pom? 2019-07-16 17:00:20 +02:00
Andrea Paternesi 262c527674 Fix locator paths and added tests. 2019-07-16 16:19:23 +02:00
Les Hazlewood caa7b0e942 [maven-release-plugin] prepare for next development iteration 2019-07-11 20:12:25 -04:00
Les Hazlewood b292b891ca [maven-release-plugin] prepare release 0.10.7 2019-07-11 20:12:20 -04:00
Les Hazlewood 4ae8f6d9c9 Issue 461: upgraded Jackson version to 2.9.9.1. Fixes #461. 2019-07-11 16:05:52 -04:00
Les Hazlewood 70e6845b82 Ensure version is 0.10.7-SNAPSHOT to prep for the next release. 2019-03-10 11:59:31 -04:00
Micah Silverman af73a02786 [maven-release-plugin] prepare for next development iteration 2019-02-25 13:33:47 -05:00
Micah Silverman d29d6da989 [maven-release-plugin] prepare release jjwt-root-0.10.6 2019-02-25 13:33:39 -05:00
Micah Silverman 79507b9f66 udpated jackson databind version to fix security vulnerability 2019-02-21 14:44:49 -08:00
Les Hazlewood 1839ebf5e8 # This is a combination of 2 commits. 
# This is the 1st commit message:

[maven-release-plugin] prepare for next development iteration

# This is the commit message #2:

rebased from master before merge
 2018-08-07 13:59:15 -04:00
Les Hazlewood d7071faeae [maven-release-plugin] prepare release 0.10.2 2018-08-07 13:43:48 -04:00
Les Hazlewood f19c34a763 Ensured JJWT's org.json use is compatible with Android's org.json API as defined in https://developer.android.com/reference/org/json/package-summary. Resolves #380. 2018-08-07 13:32:20 -04:00
Les Hazlewood 5e5f29d8b1 [maven-release-plugin] prepare release 0.10.1 2018-08-02 17:30:09 -04:00
Les Hazlewood 7f662627cc Ensured BouncyCastle was optional. Also ensured EllipticCurve algorithms could be used without BouncyCastle since the JDK supports EC by default. Moved RuntimeEnvironment.enableBouncyCastleIfPossible() call out of SignatureAlgorithm into RsaProvider since BC is only necessary for RSASSA-PSS algorithms (PS256, PS384, PS512) and nothing else in JJWT's codebase. 
Resolves #372
 2018-08-02 16:59:59 -04:00
Les Hazlewood b58e1b6dc5 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:10:41 -04:00
Les Hazlewood 6b980553cf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:10:34 -04:00
Les Hazlewood 17af933665 [maven-release-plugin] rollback the release of 0.10.0 2018-08-01 18:02:51 -04:00
Les Hazlewood 9cfd861250 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:00:33 -04:00
Les Hazlewood cd62ed1bbf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:00:27 -04:00
Les Hazlewood 3237b720bd - Enabled maven profile for JDK >= 9 that will add a surefire <argLine> with '--add-opens java.base/jdk.internal.loader=ALL-UNNAMED' to ensure module reflection can occur during tests. 
- Disabled travis openjdk11 and oraclejdk-ea builds - those build environments are not currently stable

Resolves #364
 2018-07-30 14:52:11 -04:00
Les Hazlewood 9d244b9fca Added new io.jsonwebtoken.crypto.Keys utility class for generating SecretKeys and KeyPairs. Resolves #350 2018-07-24 22:55:02 -04:00
Les Hazlewood f756408c60 353: upgraded bouncycastle to the latest stable 1.60 release. 2018-07-20 15:55:43 -04:00
Les Hazlewood 439c027c2e 348: Reorganize into a multi-module project. Includes test enhancements and code reorganization 2018-07-20 12:18:40 -04:00
Les Hazlewood 8afca0d0df 335: initial pluggable JSON (de)serialization support with Jackson and org.json as the first implementations, with Jackson being the default. Added tests to retain 100% code coverage. 2018-07-11 16:36:09 -04:00
Les Hazlewood 6e1415c441 - Implemented new Base64 encoder forked from MigBase64 to guarantee deterministic behavior on all JDK and Android platforms 
- Allowed pluggable Encoder/Decoder for JWT building and parsing via new Encoder/Decoder and JwtBuilder#base64UrlEncodeWith
  and JwtParser#base64UrlDecodeWith methods respectively
- added RFC 4648 Base64 test vectors per code review
- Added tests for all new code to retain 100% code coverage, verified by Clover and Coveralls
- Enabled oraclejdk10 and openjdk10 builds in TravisCI
- Replaced gmaven plugin with gmavenplus to work on JDK >= 9
- Upgraded surefire and failsafe plugins to 2.22.0 to ensure build works on JDK >= 10
- Ensured JavaDoc linter wouldn't fail the build for JDK >= 8 (was previously only 1.8)
- Updated changelog doc to reflect new Base64 functionality
 2018-07-08 20:29:49 -04:00
Les Hazlewood 47b6dad521 fixed master version - should always be a Maj.min.0-SNAPSHOT version. 2018-07-08 19:54:36 -04:00
Les Hazlewood 3ec0d1c8a0 merged from 0.9.x to pickup jackson upgrade 2018-07-05 18:31:37 -04:00
Les Hazlewood 15f5f253e7 Upgraded Jackson to latest stable 2.9.6. Fixes #337. 2018-07-05 17:59:23 -04:00
Les Hazlewood 3a9fecfd06
Merge branch '0.9.x' into Issue302_UpdateJackson 2018-07-05 12:46:11 -04:00
Les Hazlewood d8da276d9d updating for 0.9.x development 2018-07-05 12:42:08 -04:00
John Bard c7561b639b closes #302: Update jackson version 
* Updates jackson-databind version to 2.8.11.1 to fix CVE-2017-17485

Signed-off-by: John Bard <jbard@vmware.com>
 2018-03-02 10:17:08 -05:00
Mark Kempster e9ea740c4b Add project.url to satisfy the dependency-check-maven plugin 
The MANIFEST.MF contains an Implementation-URL key, that comes from
project.url if defined. If not defined, jjwt's url comes from sonatype
which seems to falsely associate it with a sonatype/nexus CVE and
fails the project build.

https://github.com/jwtk/jjwt/issues/234
 2017-10-19 22:47:26 -04:00
Micah Silverman 07f3388d08 [maven-release-plugin] prepare for next development iteration 2017-10-10 15:11:27 -04:00
Micah Silverman 6f4086d7f1 [maven-release-plugin] prepare release jjwt-0.9.0 2017-10-10 15:11:23 -04:00
Micah Silverman d229631af4 Added Java 9 build to Travis file. 2017-10-09 20:25:57 -04:00
Micah Silverman 91fd0fd3b4 Added support for Java 9 build and test run. Does not impact Java 8 build and test. Overrode some OSS version dependency version defaults to support Java 9. Updated javadocs in code to pass java 9 linter. 2017-10-09 20:15:18 -04:00
Micah Silverman 8248b6a38a [maven-release-plugin] prepare for next development iteration 2017-09-26 12:05:22 -04:00
Micah Silverman 50187e0d08 [maven-release-plugin] prepare release 0.8.0 2017-09-26 12:05:18 -04:00
Micah Silverman 5ffee1e3ac Switched from jacoco to open-clover. Updated GzipCompressionCodec to improve coverage report. 2017-09-09 23:17:36 -04:00
Mark Symons 6563e4f1d0 Update jackson.version to 2.8.9 
Addresses Jackson Deserializer security vulnerability: FasterXML/jackson-databind#1599
 2017-06-24 15:51:03 +01:00
aadrian 4bb111b327 try updating other dependencies too. 2017-05-13 17:43:43 +02:00
aadrian e780c224c8 update bouncycastle and logback versions 2017-05-13 17:28:01 +02:00
Les Hazlewood 29241c3b66 [maven-release-plugin] prepare for next development iteration 2016-09-12 17:37:12 -07:00
Les Hazlewood c86c775caf [maven-release-plugin] prepare release 0.7.0 2016-09-12 17:37:08 -07:00
Les Hazlewood 79e95856a4 161: upgraded library versions to latest stable 2016-09-11 12:48:48 -07:00
Micah Silverman 82f4b0a696 updated to jacoco as only jacoco supports java 8 per: https://github.com/trautonen/coveralls-maven-plugin#faq 2016-07-04 01:01:42 -04:00
Martin Treurnicht 61510dfca5 Cleanup as per request of https://github.com/lhazlewood 2016-06-28 12:12:40 -07:00
Martin Treurnicht a73e0044b8 Fixed ECDSA Signing and verification to use R + S curve points as per spec https://tools.ietf.org/html/rfc7515#page-45 2016-06-27 15:43:35 -07:00