Commit Graph

275 Commits

Author SHA1 Message Date
Paul Cook e8ba6192f3 tests 2017-07-26 15:56:37 +01:00
Paul Cook f1e1eecc25 remove some <>'s and undo some accidental codestyle changes 2017-07-25 17:52:45 +01:00
Paul Cook ba3ae16141 add support for supplying multiple public keys that will be attempted when validating a token signature
this facilitates the supporting of certificate rotation, and there being multiple valid keys available during a rotation cycle
2017-07-25 16:19:09 +01:00
Les Hazlewood ac73b1caa9 Merge pull request #232 from msymons/master
Update jackson.version to 2.8.9
2017-06-24 11:35:39 -04:00
Mark Symons 6563e4f1d0 Update jackson.version to 2.8.9
Addresses Jackson Deserializer security vulnerability: FasterXML/jackson-databind#1599
2017-06-24 15:51:03 +01:00
Les Hazlewood bc9e9c7c06 Merge pull request #224 from woody77/master
Test for instanceof PrivateKey and instanceof ECKey when signing
2017-05-25 12:38:44 -07:00
Aaron Wood 2b8ad0c05a Similar to issue #68 (https://github.com/jwtk/jjwt/issues/68), EC keys on Android do not implement ECPrivateKey. This changes the check in EllipticCurveSigner.java to use the same test as was used to solve issue #68 for RSA keys. 2017-05-24 15:33:50 -07:00
Les Hazlewood 8a6f588e81 Merge pull request #200 from roberterdin/master
Added addClaims function to JwtBuilder as described in Issue #196.
2017-05-16 12:46:48 -07:00
Les Hazlewood cb9e24a06f Merge pull request #207 from jwtk/issue/206
Removed redundant/incorrect docs
2017-05-16 12:41:05 -07:00
Les Hazlewood cb5a99265f Merge pull request #209 from arlemi/master
Update README.md
2017-05-16 12:39:24 -07:00
Les Hazlewood 879ed12ee1 Merge pull request #222 from aadrian/patch_1
update bouncycastle and logback versions
2017-05-16 12:38:52 -07:00
aadrian 65463328be fix Travis again. 2017-05-13 17:58:47 +02:00
aadrian a473dc4be1 try using a build matrix for Travis 2017-05-13 17:55:00 +02:00
aadrian 4bb111b327 try updating other dependencies too. 2017-05-13 17:43:43 +02:00
aadrian e780c224c8 update bouncycastle and logback versions 2017-05-13 17:28:01 +02:00
Arlemi 9b944fc999 Update README.md
Added missing Variable Declarator for the IncorrectClaimException catch
2017-02-15 16:01:11 +01:00
Micah Silverman 2d6233fa78 Removed redundant/incorrect docs 2017-02-14 22:42:41 -08:00
Robert Erdin b250af4149 Added addClaims function to JwtBuilder as described in Issue #196.
This function does not overwrite existing claims (as compared to setClaims).
2017-01-10 13:22:23 +01:00
Les Hazlewood 5c0cfdc897 Merge pull request #195 from svanscho/readme-typo
Fixed small typo in code snippet
2016-12-15 09:37:41 -08:00
Sander Van Schoote 6ce8752926 Fixed small typo in code snippet 2016-12-15 18:17:34 +10:00
Les Hazlewood 48dae365b1 Merge pull request #172 from sainaen/numeric_claims_fix_typing
Implement type conversions of integral claim values
2016-09-22 10:20:12 -07:00
Les Hazlewood eee5fffb61 Merge pull request #145 from brentstormpath/master
Readme Update
2016-09-22 10:17:24 -07:00
sainaen 13906d3746 Implement type conversions of integral claim values
Jackson chooses the target type for JSON numbers based on their value,
while deserializing without correct typing information present.
This leads to a confusing behavior:

    String token = Jwts.builder()
        .claim("byte", (byte) 42)
        .claim("short", (short) 42)
        .claim("int", 42)
        .claim("long_small", (long) 42)
        .claim("long_big", ((long) Integer.MAX_VALUE) + 42)
        .compact();
    Claims claims = (Claims) Jwts.parser().parse(token).getBody();
    claims.get("int", Integer.class); // => 42
    claims.get("long_big", Long.class); // => ((long) Integer.MAX_VALUE) + 42
    claims.get("long_small", Long.class); // throws RequiredTypeException: required=Long, found=Integer
    claims.get("short", Short.class); // throws RequiredTypeException: required=Short, found=Integer
    claims.get("byte", Byte.class); // throws RequiredTypeException: required=Byte, found=Integer

With this commit, `DefaultClaims.getClaim(String, Class<T>)` will
correctly handle cases when required type is `Long`, `Integer`, `Short`
or `Byte`: check that value fits in the required type and cast to it.

    // ... setup is the same as above
    claims.get("int", Integer.class); // => 42
    claims.get("long_big", Long.class); // => ((long) Integer.MAX_VALUE) + 42
    claims.get("long_small", Long.class); // => (long) 42
    claims.get("short", Short.class); // => (short) 42
    claims.get("byte", Byte.class); // => (byte) 42

Fixes #142.
2016-09-20 12:49:01 +03:00
Les Hazlewood 8966c3a912 Added minor update to jackson version docs 2016-09-12 17:50:24 -07:00
Les Hazlewood 29241c3b66 [maven-release-plugin] prepare for next development iteration 2016-09-12 17:37:12 -07:00
Les Hazlewood c86c775caf [maven-release-plugin] prepare release 0.7.0 2016-09-12 17:37:08 -07:00
Les Hazlewood 67dbc7701f Merge pull request #167 from jwtk/0.7.0-release-prep
0.7.0 release prep
2016-09-12 17:34:54 -07:00
Les Hazlewood cfeeb6e5cd Added release notes and doc update for the 0.7.0 release. 2016-09-12 17:23:18 -07:00
Les Hazlewood 0da903f214 Added release notes and doc update for the 0.7.0 release. 2016-09-12 17:22:41 -07:00
Les Hazlewood c13362dafa Added release notes and doc update for the 0.7.0 release. 2016-09-12 17:20:47 -07:00
Les Hazlewood b13650dc60 Merge branch '61-edits' and MichaelSims-master 2016-09-12 16:44:33 -07:00
Les Hazlewood 6c4b58e4fe edits to exception message to be a little more helpful and to ensure previous GH issue tests passed 2016-09-12 16:40:52 -07:00
Les Hazlewood ab4f9ff9e8 edits to exception message to be a little more helpful and to ensure previous GH issue tests passed 2016-09-12 16:39:17 -07:00
Les Hazlewood 8f1b528d8c Minor edits to @MichaelSims pull request - prepping for release 2016-09-12 16:12:30 -07:00
Les Hazlewood a06e35cf84 Merge branch 'MichaelSims-master' into 61-edits 2016-09-12 16:04:54 -07:00
Les Hazlewood ff932e9838 Merge branch 'master' of https://github.com/MichaelSims/jjwt into MichaelSims-master
# Conflicts:
#	src/main/java/io/jsonwebtoken/impl/DefaultJwtParser.java
2016-09-12 16:03:53 -07:00
Les Hazlewood af01cca922 122: added code comments so readers understand that JWT mandates seconds, not milliseconds 2016-09-12 10:37:34 -07:00
Les Hazlewood 5b15b9363e Merge pull request #165 from jwtk/107-ex-msg-utc-format
107: ensured exception message printed UTC times correctly
2016-09-11 14:09:44 -07:00
Les Hazlewood 1974069561 107: ensured exception message printed UTC times correctly 2016-09-11 14:04:20 -07:00
Les Hazlewood 0f63ec8012 Merge pull request #117 from matzon/master
implement hashCode and equals in JwtMap
2016-09-11 12:57:02 -07:00
Les Hazlewood 0fb8ffcb76 Merge pull request #164 from jwtk/161-lib-versions
161: upgraded library versions to latest stable
2016-09-11 12:54:43 -07:00
Les Hazlewood 55fcf190cc Merge pull request #162 from maurociancio/patch-2
Fix typo.
2016-09-11 12:49:44 -07:00
Les Hazlewood 79e95856a4 161: upgraded library versions to latest stable 2016-09-11 12:48:48 -07:00
Mauro Ciancio 77dcd9a9b3 Fix typo 2016-09-08 11:56:17 -03:00
Les Hazlewood f522abe2cb Merge pull request #158 from benbenw/parser-perf
improve jwt parser memory allocation
2016-08-31 12:23:20 -04:00
Les Hazlewood 8e26b937f6 Merge pull request #159 from benbenw/ignore-eclipse
add eclipse files to gitignore
2016-08-31 12:21:53 -04:00
benoit d13d2eeffe add eclipse files to gitignore 2016-08-31 16:54:10 +02:00
benoit 9735d1ad98 improve jwt parser memory allocation
re-use buffer instead of creating new ones
avoid creating unneeded buffers in the Strings util methods
Stop continuously copying array with StringBuilder#deleteCharAt
work directly on StringBuilder instead of creating a temporary String

test added to cover the modified methods
2016-08-31 16:39:42 +02:00
Michael Sims 3fb794ee91 #61: Add support for clock skew to JwtParser for exp and nbf claims 2016-08-29 16:34:00 -05:00
Les Hazlewood 0408313d3f Merge pull request #150 from mike9005/patch-1
Fix ES512 description typo in README
2016-07-21 13:08:54 -07:00