- POM and JavaDoc updates to get a clean (warning free) build, remove duplicates, etc
- Ensured CI uses the release build profile (i.e. 'ossrh') to ensure we can execute all things necessary for a release. This will not deploy to ossrh however, as we do that manually during a release per https://github.com/jwtk/jjwt/wiki#release-instructions
- Fixing JavaDoc lint errors surfacing on JDK 14
- Enable html5 for JavaDoc on JDK >= 9
- Used version properties and Maven profiles to allow the japicmp-maven-plugin to work with JDK 7 through 18
- Minor CI job name fixes, added additional zulu JDK versions
- Fixed build to run on all JDKs, from 7 to 18 inclusive
Move the parser error handling logic out of DefaultJwtParser into the new JwtDeserializer and wraps them with developer freiendly exceptions
Add check for common JSON parsing exceptions like stack overflow when parsing deeply nested (or malformed) JSON
By using ServiceLoader the hardcoded dependency of implementation classes becomes obsolete, so that the API will be truly independent from the implementation. Also this approach paves the way for migration to JPMS modules, as these also leverage the ServiceLoader API.
Use ServiceLoader instead of reflection to resolve CompressionCodec implementation classes.
Isolate key- and key-pair generators and use ServiceLoader instead of reflection to invert dependencies.
Move FactoryLoader logic to Services class and improve package layout.
Resolve Deserializer using the ServiceLoader instead of reflection and hardcoded reference.
Resolve Serializer using the ServiceLoader instead of reflection and hardcoded reference.
* Fixes test error caused by groovy type coercion
A long was being treated as a float
* Fixes test error caused by groovy type coercion
A long was being treated as a float
- Added new JwtParserBuilder
- Copied mutator methods from JwtParser into new JwtParserBuilder
- Marked said methods as deprecated in JwtParser
- Copied JwtParserTest and JwtsTest to Deprecated*, as to retain coverage on methods that will be removed in 1.0
- Added ImmutableJwtParser
This is a stop gap until 1.0, all of the mutable methods will now throw a IllegalStateException.
NOTE: this only comes into place when using the new Jwts.parserBuilder(), Jwts.parser() is unchanged.
Fixes: #473
- Adds new constructor JacksonDeserializer(Map<String, Class> claimTypeMap), which will enable later calls Claims.get("key", CustomType.class) to work as expectd
- Adds new Maps utility class to make map creation fluent
Fixes: #369
* Fix split package issue in extensions/jackson and extensions/orgjson
This moves the implementation specific classes:
- `io.jsonwebtoken.io.Jackson*` to `io.jsonwebtoken.jackson.io.Jackson*`
- `io.jsonwebtoken.io.OrgJson*` to `io.jsonwebtoken.orgjson.io.OrgJson*`
* Add Backwards Compatibility Warning to CHANGELOG
* Add `jjwt-jackson:deprecated` and `jjwt-orgjson:deprecated` modules to retain backward-compatible versions of the Jackson and OrgJson Serializers (this is built with the shade plugin and binary compatibility validated with japicmp)
Fixes: #399
