Commit Graph

53 Commits

Author SHA1 Message Date
Brian Demers 43de9a34e3
Add parameterized return type to Maps.and() (#597)
Fixes: #591
2020-06-08 13:59:41 -04:00
Johannes Ballmann 6b02041be6
Accept oid in assertValid (#589)
* Add special handling for Hmac-Keys loaded from pkcs#12 keystores

* Link to openjdk bug in javadoc

* Switch to mocked key for OID algorithm name test, eliminate KeyStore Usage in Test.

* Replace alternateNames oid field and remove from public api.

* Rename oid to pkcs12Name, make sure it's non null.
2020-06-06 16:44:07 -04:00
Les Hazlewood 5616ba769a [maven-release-plugin] prepare for next development iteration 2020-03-12 16:59:12 -04:00
Les Hazlewood c09deaa5f3 [maven-release-plugin] prepare release 0.11.1 2020-03-12 16:59:05 -04:00
Les Hazlewood c563365b97 Prepping for the 0.11.0 --> 0.11.1 release 2020-03-12 16:56:17 -04:00
Les Hazlewood 6565bdc019
Minor JavaDoc fix and changelog updates. Fixes #535 (#575) 2020-03-12 16:25:12 -04:00
Brian Demers 9e65ab7be0 Services now checks the contextClassLoader, Services.class.classLoader, and the system classloader
Fixes: #568
2020-03-12 15:43:37 -04:00
Les Hazlewood 23743f5a59 [maven-release-plugin] prepare for next development iteration 2020-02-05 12:29:05 -08:00
Les Hazlewood 3cd48fade7 [maven-release-plugin] prepare release 0.11.0 2020-02-05 12:28:58 -08:00
Les Hazlewood b4363e1572
- Update README to use `parserBuilder()` instead of `parser()` (#499) (#559)
- Docs: Adds section to README covering custom object parsing (#500)
- Docs: Add note about JwtParserBuilder creating an immutable JwtParser (#508)
Doc: #486
Fixes: #494
Doc: #495
Fixes: #171

Updated documentation and changelog to reflect the new Gson extension. Fixes #410. (#476)

Co-authored-by: Brian Demers <brian.demers@gmail.com>
2020-02-05 12:08:18 -08:00
Les Hazlewood 950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. (#555) 2020-02-04 00:10:39 -08:00
Les Hazlewood 9481f317e1
Resolves #552 : changed mock implementation to speed up a very slow test (#553) 2020-02-03 13:41:30 -08:00
Micah Silverman dacdb2ce25
relocated Service.java to impl module (along with tests). (#529) 2019-10-27 17:13:49 -04:00
Brian Demers 7037d64d24 Reduce scope of Service Loader work to CompressionCodecs and JsonSerializers
Fixes: #458
2019-10-23 09:14:08 -07:00
Jaap Coomans ef32a1386d Use ServiceLoader instead of reflection to resolve implementation classes.
By using ServiceLoader the hardcoded dependency of implementation classes becomes obsolete, so that the API will be truly independent from the implementation. Also this approach paves the way for migration to JPMS modules, as these also leverage the ServiceLoader API.

Use ServiceLoader instead of reflection to resolve CompressionCodec implementation classes.

Isolate key- and key-pair generators and use ServiceLoader instead of reflection to invert dependencies.

Move FactoryLoader logic to Services class and improve package layout.

Resolve Deserializer using the ServiceLoader instead of reflection and hardcoded reference.

Resolve Serializer using the ServiceLoader instead of reflection and hardcoded reference.
2019-10-23 09:13:58 -07:00
Brian Demers ebdb4426f6
Update version to 0.11.0-SNAPSHOT (#506)
via: `mvn versions:set -DnewVersion=0.11.0-SNAPSHOT -DgenerateBackupPoms=false`
2019-10-03 12:09:48 -04:00
Brian Demers 94d151129d
Add JwtParserBuilder as the preferred way to create a JwtParser instance (#486)
- Added new JwtParserBuilder
- Copied mutator methods from JwtParser into new JwtParserBuilder
- Marked said methods as deprecated in JwtParser
- Copied JwtParserTest and JwtsTest to Deprecated*, as to retain coverage on methods that will be removed in 1.0
- Added ImmutableJwtParser
  This is a stop gap until 1.0, all of the mutable methods will now throw a IllegalStateException.
  NOTE: this only comes into place when using the new Jwts.parserBuilder(), Jwts.parser() is unchanged.

Fixes: #473
2019-10-01 12:03:20 -04:00
Brian Demers 7090bf39c3
Add support for custom type deserialization with Jackson (#495)
- Adds new constructor JacksonDeserializer(Map<String, Class> claimTypeMap), which will enable later calls Claims.get("key", CustomType.class) to work as expectd
 - Adds new Maps utility class to make map creation fluent

Fixes: #369
2019-09-30 17:24:57 -04:00
Brian Demers b327aeab7e Add support for testing with JDK11
There were a couple issues preventing running the build with Java 11
- A groovy bug - fixed with a version bump https://issues.apache.org/jira/browse/GROOVY-8727
- The ASM version that is embedded in easymock does NOT support Java 11 classes - worked around by stubbing out those usages instead
- javadoc modules issue - fixed by setting the Javadoc source version to 1.7
2019-09-24 18:57:06 -04:00
Brian Demers 5339faf87f
Add license-maven-plugin to mange headers
and apply missing headers

usage:
# validate license headers exist
mvn license:check

# apply headers (to files without headers)
mvn license:format
2019-09-17 16:19:07 -04:00
Paul Polishchuk dd638c2b3a JwtBuilder.setClaims() now accepts `Map<String, ?> claims`
This would allow to pass `Map<String,String>`
2019-07-15 10:46:02 +03:00
Les Hazlewood caa7b0e942 [maven-release-plugin] prepare for next development iteration 2019-07-11 20:12:25 -04:00
Les Hazlewood b292b891ca [maven-release-plugin] prepare release 0.10.7 2019-07-11 20:12:20 -04:00
Les Hazlewood 70e6845b82 Ensure version is 0.10.7-SNAPSHOT to prep for the next release. 2019-03-10 11:59:31 -04:00
Micah Silverman af73a02786 [maven-release-plugin] prepare for next development iteration 2019-02-25 13:33:47 -05:00
Micah Silverman d29d6da989 [maven-release-plugin] prepare release jjwt-root-0.10.6 2019-02-25 13:33:39 -05:00
Johannes Wengert 0fd3622703 Fix JwtBuilder javadoc - resolves #386 2018-08-16 09:42:53 +02:00
Les Hazlewood a7ee38053d Merge branch '0.10.x' 2018-08-14 12:31:34 -04:00
Les Hazlewood eca0b0614d [maven-release-plugin] prepare for next development iteration 2018-08-14 11:48:28 -04:00
Les Hazlewood 14a116beba [maven-release-plugin] prepare release 0.10.4 2018-08-14 11:48:21 -04:00
Les Hazlewood 56b3a71733 Ensured JCA Name comparison is not case sensitive per Java Security Standard Algorithm Names documentation. Accompanied with test case for regression.
Resolves #381
2018-08-14 11:42:47 -04:00
Les Hazlewood a4b388cd2e created 0.10.x branch and updated project files to prep for upcoming 0.10.4 release. 2018-08-14 11:16:05 -04:00
Les Hazlewood bcfc0655e4 [maven-release-plugin] prepare for next development iteration 2018-08-13 20:28:38 -04:00
Les Hazlewood 2ceae3bc37 [maven-release-plugin] prepare release 0.10.3 2018-08-13 20:28:32 -04:00
Les Hazlewood 85d8920d79 Ensured symmetric logic between the Keys and SignatureAlgorithm helper methods for hmac key lengths.
Updated Android dependencies and ProGuard exclusion definitions
Updating docs to reflect 0.10.3 release
Resolves #381, #382
2018-08-13 20:26:14 -04:00
Les Hazlewood d7071faeae [maven-release-plugin] prepare release 0.10.2 2018-08-07 13:43:48 -04:00
Les Hazlewood f19c34a763 Ensured JJWT's org.json use is compatible with Android's org.json API as defined in https://developer.android.com/reference/org/json/package-summary. Resolves #380. 2018-08-07 13:32:20 -04:00
Les Hazlewood 5e5f29d8b1 [maven-release-plugin] prepare release 0.10.1 2018-08-02 17:30:09 -04:00
Les Hazlewood 7f662627cc Ensured BouncyCastle was optional. Also ensured EllipticCurve algorithms could be used without BouncyCastle since the JDK supports EC by default. Moved RuntimeEnvironment.enableBouncyCastleIfPossible() call out of SignatureAlgorithm into RsaProvider since BC is only necessary for RSASSA-PSS algorithms (PS256, PS384, PS512) and nothing else in JJWT's codebase.
Resolves #372
2018-08-02 16:59:59 -04:00
Les Hazlewood b58e1b6dc5 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:10:41 -04:00
Les Hazlewood 6b980553cf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:10:34 -04:00
Les Hazlewood 17af933665 [maven-release-plugin] rollback the release of 0.10.0 2018-08-01 18:02:51 -04:00
Les Hazlewood 9cfd861250 [maven-release-plugin] prepare for next development iteration 2018-08-01 18:00:33 -04:00
Les Hazlewood cd62ed1bbf [maven-release-plugin] prepare release 0.10.0 2018-08-01 18:00:27 -04:00
Les Hazlewood 8b3f6cac53 Finally proper documentation! Updated changelog as well. Resolves #355. 2018-08-01 16:41:41 -04:00
Les Hazlewood 3237b720bd - Enabled maven profile for JDK >= 9 that will add a surefire <argLine> with '--add-opens java.base/jdk.internal.loader=ALL-UNNAMED' to ensure module reflection can occur during tests.
- Disabled travis openjdk11 and oraclejdk-ea builds - those build environments are not currently stable

Resolves #364
2018-07-30 14:52:11 -04:00
Les Hazlewood a669cad29b - Added JwtBuilder#signWith(Key) with tests and refactoring. Deprecated additional signWith methods that can lead to confusion.
- Made some tests more deterministic with mocks instead of relying on Random number generator - BigInteger values were non-deterministic because of a random leading sign bit being there (or not) during test runs.

Resolves #366
2018-07-27 23:57:22 -04:00
Les Hazlewood 9189253668 334: key strength assertions and signature validation. Resolves #334 2018-07-27 15:17:01 -04:00
Les Hazlewood 9d244b9fca Added new io.jsonwebtoken.crypto.Keys utility class for generating SecretKeys and KeyPairs. Resolves #350 2018-07-24 22:55:02 -04:00
Les Hazlewood 3549cf48db 285: added throws clause and updated javadoc 2018-07-23 15:53:54 -04:00