honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
474 Commits 16 Branches 33 Tags 154 MiB
Commit Graph

474 Commits

Author SHA1 Message Date
Brian Demers 8a11a4ed18 Adds handling for common JSON parsing exceptions and wraps them in a `JwtException` 
Move the parser error handling logic out of DefaultJwtParser into the new JwtDeserializer and wraps them with developer freiendly exceptions
Add check for common JSON parsing exceptions like stack overflow when parsing deeply nested (or malformed) JSON
 2021-07-09 17:08:56 -04:00
minho d9da0e3e80 update installation using Gradle 2021-07-09 16:48:21 -04:00
minho 861ec66832 Revert "update readme.md: installation in gradle 7+" 
This reverts commit 371577df98.
 2021-07-09 16:48:21 -04:00
minho 915a3753c4 update readme.md: installation in gradle 7+ 2021-07-09 16:48:21 -04:00
Brian Demers 1118726d04 Update fork of coverall-maven-plugin fork 
NOTE: This fork supports Clover for test coverage
 2021-07-09 13:23:41 -04:00
Tomasz Zarna a4130dd1ec Remove unused import of java.util.Arrays in RsaSignatureValidator 2021-03-10 10:14:13 -05:00
dependabot[bot] 8ed4ab407e Bump jackson-databind from 2.9.10.5 to 2.9.10.7 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.5 to 2.9.10.7.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-19 10:11:08 -05:00
Dominik Dorn 894d6f298b
fixed typo (#646) 2021-02-17 10:39:11 -08:00
dependabot[bot] 71ed1b67aa Bump junit from 4.12 to 4.13.1 
Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.12...r4.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-13 14:48:06 -04:00
jonfrench 5c5f1b818a
Added "are" to correct grammar (#605) 2020-07-22 19:20:55 -04:00
Chen d02cee5474
FixTypo (#607) 2020-07-22 19:20:12 -04:00
Brian Demers 901048aeac Removes eager initialization of the CompressionCodecResolver in the JwtParserBuilder 
This removes a potential service loader issue with OSGi runtimes.

Fixes: #578
 2020-07-13 12:56:05 -04:00
Brian Demers dc120e8c54 Correcting dependabot version bump of Jackson to 2.9.10.5 2020-07-09 16:04:45 -04:00
dependabot[bot] 6f2c0c37aa Bump jackson-databind from 2.9.10.4 to 2.10.0.pr1 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.4 to 2.10.0.pr1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-07-09 16:04:45 -04:00
Brian Demers 3aaa70bd18 Updates the Java 7 install location for CI 
The previously used URL is dead, which was preventing other PRs from passing CI
 2020-07-09 15:23:35 -04:00
Les Hazlewood 14b2f19b29 [maven-release-plugin] prepare for next development iteration 2020-06-11 15:50:09 -04:00
Les Hazlewood 274749373f [maven-release-plugin] prepare release 0.11.2 2020-06-11 15:50:00 -04:00
Les Hazlewood 0596bea16a Updating readme dependency references to reflect the 0.11.2 release 2020-06-11 14:24:23 -04:00
Les Hazlewood 5c8064bbd1 Updated changelog to link to the 0.11.2 milestone 2020-06-11 14:21:03 -04:00
Les Hazlewood 26527bd43c Updated the pom snapshot versions to prepare for the upcoming 0.11.2 release 2020-06-11 14:16:29 -04:00
Les Hazlewood 2f897cbb4d Updated the changelog for the upcoming 0.11.2 release 2020-06-11 14:14:42 -04:00
Les Hazlewood 72973f9b9b
Argument validation for allowedClockSkewSeconds (#601) 
* 583: ensured setting allowedClockSkewSeconds to be greater than (Long.MAX_VALUE / 1000) will throw an IllegalArgumentException.
 2020-06-11 13:46:03 -04:00
Philipp Zormeier 2b00ed1819
Add DefaultJwtParser functionality to parse JWSs with empty body. (#540) 
* Add DefaultJwtParser functionality to parse JWSs with empty body.

* Review Fix: Change allowEmptyBody(boolean) to requirePayload(boolean). Set payloadRequired true for each require*() method in JwtParser and JwtParserBuilder.

* Add missing ImmutableJwtParserTest.

* Review changes: Moving to solution without payload requirement flag.

* Review changes: Allow empty Jwt payload

* Remove unused imports

Co-authored-by: Philipp Zormeier <philipp.zormeier@thoughtworks.com>
 2020-06-08 14:07:10 -04:00
Johannes Ballmann 82b870e283
Add support for jdk14 (#590) 2020-06-08 14:00:59 -04:00
Oleg Kuzych d8c313cfa6
Fix GsonDeserializer to support unicode characters independently of "file.encoding" system property's value being used by JVM (#592) 
Co-authored-by: Oleh Kuzych <oleh_kuzych_tp@bmc.com>
 2020-06-08 14:00:17 -04:00
Brian Demers 43de9a34e3
Add parameterized return type to Maps.and() (#597) 
Fixes: #591
 2020-06-08 13:59:41 -04:00
Johannes Ballmann 6b02041be6
Accept oid in assertValid (#589) 
* Add special handling for Hmac-Keys loaded from pkcs#12 keystores

* Link to openjdk bug in javadoc

* Switch to mocked key for OID algorithm name test, eliminate KeyStore Usage in Test.

* Replace alternateNames oid field and remove from public api.

* Rename oid to pkcs12Name, make sure it's non null.
 2020-06-06 16:44:07 -04:00
Carsten Ziegeler 403e1895e3
Attach implementation bundles as fragments to the API bundle to make them visible to the API bundle. This fixes jwtk#578 (jwtk#578) (#580) 2020-04-27 17:40:02 -04:00
dependabot[bot] 972591f87f
Bump jackson-databind from 2.9.10.3 to 2.9.10.4 (#587) 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.3 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-04-24 16:06:43 -04:00
Les Hazlewood 5616ba769a [maven-release-plugin] prepare for next development iteration 2020-03-12 16:59:12 -04:00
Les Hazlewood c09deaa5f3 [maven-release-plugin] prepare release 0.11.1 2020-03-12 16:59:05 -04:00
Les Hazlewood c563365b97 Prepping for the 0.11.0 --> 0.11.1 release 2020-03-12 16:56:17 -04:00
Les Hazlewood f22a0e955a Prepping for the 0.11.0 --> 0.11.1 release 2020-03-12 16:44:01 -04:00
Les Hazlewood 2349d4dce3
Upgraded Jackson dependency to 2.9.10.3. Resolves #567. (#576) 2020-03-12 16:40:52 -04:00
Les Hazlewood 6565bdc019
Minor JavaDoc fix and changelog updates. Fixes #535 (#575) 2020-03-12 16:25:12 -04:00
Brian Demers 9e65ab7be0 Services now checks the contextClassLoader, Services.class.classLoader, and the system classloader 
Fixes: #568
 2020-03-12 15:43:37 -04:00
Brian Demers 111633fa88 Gson Serializer/Deserializer are now correctly registered service when found on the classpath 
Added test to other serializer implementations as well

Fixes: #563
 2020-03-05 14:11:34 -05:00
dependabot[bot] 0fd59efc93 Bump jackson-databind from 2.9.10.1 to 2.9.10.3 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.1 to 2.9.10.3.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-03-05 10:09:47 -05:00
Brian Demers e115085b14 Allow JacksonDeserializer to work with Java 9+ Map.of 
and other maps that do NOT allow null keys
 2020-02-24 16:01:18 -05:00
Les Hazlewood 09637f1e66 Fixing version references for the 0.11.0 release. 2020-02-05 12:50:13 -08:00
Les Hazlewood 23743f5a59 [maven-release-plugin] prepare for next development iteration 2020-02-05 12:29:05 -08:00
Les Hazlewood 3cd48fade7 [maven-release-plugin] prepare release 0.11.0 2020-02-05 12:28:58 -08:00
Les Hazlewood b4363e1572
- Update README to use `parserBuilder()` instead of `parser()` (#499) (#559) 
- Docs: Adds section to README covering custom object parsing (#500)
- Docs: Add note about JwtParserBuilder creating an immutable JwtParser (#508)
Doc: #486
Fixes: #494
Doc: #495
Fixes: #171

Updated documentation and changelog to reflect the new Gson extension. Fixes #410. (#476)

Co-authored-by: Brian Demers <brian.demers@gmail.com>
 2020-02-05 12:08:18 -08:00
Les Hazlewood 1aa8225703
Documented how to convert strings to SecretKey instances. Resolves #517 (#561) 2020-02-04 22:50:56 -08:00
Les Hazlewood 5481248a71
Documented why changing Base64 sometimes does not invalid signature checks. Resolves #518 (#560) 2020-02-04 18:33:36 -08:00
Les Hazlewood c38f4af239
Ensured DeflateCompressionCodec could fallback to <= 0.10.6 implementation if encountering an IOException. This allows compressed JWTs created before 0.10.7 to still work. Fixes #536 (#556) (#557) 2020-02-04 14:29:16 -08:00
Les Hazlewood 950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. (#555) 2020-02-04 00:10:39 -08:00
Les Hazlewood 9481f317e1
Resolves #552 : changed mock implementation to speed up a very slow test (#553) 2020-02-03 13:41:30 -08:00
Brian Demers 2fd3f06b7b
Update SignatureValidator to use MessageDigest (#548) 2020-01-27 14:20:21 -05:00
dependabot[bot] eadf0ce4fc Bump jackson-databind from 2.9.10 to 2.9.10.1 (#532) 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10 to 2.9.10.1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-11-13 09:33:35 +01:00