f1cd8b99d7
JWE work cont'd. Lots of cleanup. Have full roundtrip encrypt/decrypt working now that obtaining AAD data has been fixed to work correctly (was previously using the serialized header bytes directly instead of the ASCII bytes of the encoded header)
2021-09-13 22:45:43 -07:00
5819aa2f4b
Sanity checkpoint so I don't lose work.
2021-09-12 01:23:01 -07:00
3f4e40ad27
implementation checkpoint so I don't lose a ton of work. Won't build, but need to backup.
2021-07-28 01:46:32 -07:00
bd01e84406
IF SQUASHING, DO NOT SQUASH THIS COMMIT UNTIL MERGING TO MASTER: Removed the previous SignatureAlgorithm implementation concepts (Provider/Signer/Validator implementations). Implementations are now interface-driven and fully pluggable.
2021-03-03 13:22:35 -08:00
0f607b547b
JWE support. Resolves #113
...
- impl checkpoint: adjusted @since version, added KeyManagementMode concept w/ supporting interfaces
- KeyManagementMode interfaces and implementations are dummy implementations to enable compiling. Design still needs to be vetted.
- Added JWE EncryptionAlgorithm and supporting interfaces/implementations, and refactored SignatureAlgorithm to be an interface instead of an enum to enable custom algorithms
- NoneSignatureAlgorithm cleanup. Added UnsupportedKeyExceptionTest.
- testing additions, cleanup cont'd
2021-02-28 18:01:03 -08:00
8ed4ab407e
Bump jackson-databind from 2.9.10.5 to 2.9.10.7
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.5 to 2.9.10.7.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-19 10:11:08 -05:00
894d6f298b
fixed typo ( #646 )
2021-02-17 10:39:11 -08:00
71ed1b67aa
Bump junit from 4.12 to 4.13.1
...
Bumps [junit](https://github.com/junit-team/junit4 ) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases )
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md )
- [Commits](https://github.com/junit-team/junit4/compare/r4.12...r4.13.1 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-10-13 14:48:06 -04:00
5c5f1b818a
Added "are" to correct grammar ( #605 )
2020-07-22 19:20:55 -04:00
d02cee5474
FixTypo ( #607 )
2020-07-22 19:20:12 -04:00
901048aeac
Removes eager initialization of the CompressionCodecResolver in the JwtParserBuilder
...
This removes a potential service loader issue with OSGi runtimes.
Fixes : #578
2020-07-13 12:56:05 -04:00
dc120e8c54
Correcting dependabot version bump of Jackson to 2.9.10.5
2020-07-09 16:04:45 -04:00
6f2c0c37aa
Bump jackson-databind from 2.9.10.4 to 2.10.0.pr1
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.4 to 2.10.0.pr1.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2020-07-09 16:04:45 -04:00
3aaa70bd18
Updates the Java 7 install location for CI
...
The previously used URL is dead, which was preventing other PRs from passing CI
2020-07-09 15:23:35 -04:00
14b2f19b29
[maven-release-plugin] prepare for next development iteration
2020-06-11 15:50:09 -04:00
274749373f
[maven-release-plugin] prepare release 0.11.2
2020-06-11 15:50:00 -04:00
0596bea16a
Updating readme dependency references to reflect the 0.11.2 release
2020-06-11 14:24:23 -04:00
5c8064bbd1
Updated changelog to link to the 0.11.2 milestone
2020-06-11 14:21:03 -04:00
26527bd43c
Updated the pom snapshot versions to prepare for the upcoming 0.11.2 release
2020-06-11 14:16:29 -04:00
2f897cbb4d
Updated the changelog for the upcoming 0.11.2 release
2020-06-11 14:14:42 -04:00
72973f9b9b
Argument validation for allowedClockSkewSeconds ( #601 )
...
* 583: ensured setting allowedClockSkewSeconds to be greater than (Long.MAX_VALUE / 1000) will throw an IllegalArgumentException.
2020-06-11 13:46:03 -04:00
2b00ed1819
Add DefaultJwtParser functionality to parse JWSs with empty body. ( #540 )
...
* Add DefaultJwtParser functionality to parse JWSs with empty body.
* Review Fix: Change allowEmptyBody(boolean) to requirePayload(boolean). Set payloadRequired true for each require*() method in JwtParser and JwtParserBuilder.
* Add missing ImmutableJwtParserTest.
* Review changes: Moving to solution without payload requirement flag.
* Review changes: Allow empty Jwt payload
* Remove unused imports
Co-authored-by: Philipp Zormeier <philipp.zormeier@thoughtworks.com>
2020-06-08 14:07:10 -04:00
82b870e283
Add support for jdk14 ( #590 )
2020-06-08 14:00:59 -04:00
d8c313cfa6
Fix GsonDeserializer to support unicode characters independently of "file.encoding" system property's value being used by JVM ( #592 )
...
Co-authored-by: Oleh Kuzych <oleh_kuzych_tp@bmc.com>
2020-06-08 14:00:17 -04:00
43de9a34e3
Add parameterized return type to Maps.and() ( #597 )
...
Fixes : #591
2020-06-08 13:59:41 -04:00
6b02041be6
Accept oid in assertValid ( #589 )
...
* Add special handling for Hmac-Keys loaded from pkcs#12 keystores
* Link to openjdk bug in javadoc
* Switch to mocked key for OID algorithm name test, eliminate KeyStore Usage in Test.
* Replace alternateNames oid field and remove from public api.
* Rename oid to pkcs12Name, make sure it's non null.
2020-06-06 16:44:07 -04:00
403e1895e3
Attach implementation bundles as fragments to the API bundle to make them visible to the API bundle. This fixes jwtk#578 (jwtk#578) ( #580 )
2020-04-27 17:40:02 -04:00
972591f87f
Bump jackson-databind from 2.9.10.3 to 2.9.10.4 ( #587 )
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.3 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-04-24 16:06:43 -04:00
5616ba769a
[maven-release-plugin] prepare for next development iteration
2020-03-12 16:59:12 -04:00
c09deaa5f3
[maven-release-plugin] prepare release 0.11.1
2020-03-12 16:59:05 -04:00
c563365b97
Prepping for the 0.11.0 --> 0.11.1 release
2020-03-12 16:56:17 -04:00
f22a0e955a
Prepping for the 0.11.0 --> 0.11.1 release
2020-03-12 16:44:01 -04:00
2349d4dce3
Upgraded Jackson dependency to 2.9.10.3. Resolves #567 . ( #576 )
2020-03-12 16:40:52 -04:00
6565bdc019
Minor JavaDoc fix and changelog updates. Fixes #535 ( #575 )
2020-03-12 16:25:12 -04:00
9e65ab7be0
Services now checks the contextClassLoader, Services.class.classLoader, and the system classloader
...
Fixes : #568
2020-03-12 15:43:37 -04:00
111633fa88
Gson Serializer/Deserializer are now correctly registered service when found on the classpath
...
Added test to other serializer implementations as well
Fixes : #563
2020-03-05 14:11:34 -05:00
0fd59efc93
Bump jackson-databind from 2.9.10.1 to 2.9.10.3
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.1 to 2.9.10.3.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2020-03-05 10:09:47 -05:00
e115085b14
Allow JacksonDeserializer to work with Java 9+ Map.of
...
and other maps that do NOT allow null keys
2020-02-24 16:01:18 -05:00
09637f1e66
Fixing version references for the 0.11.0 release.
2020-02-05 12:50:13 -08:00
23743f5a59
[maven-release-plugin] prepare for next development iteration
2020-02-05 12:29:05 -08:00
3cd48fade7
[maven-release-plugin] prepare release 0.11.0
2020-02-05 12:28:58 -08:00
b4363e1572
- Update README to use `parserBuilder()` instead of `parser()` ( #499 ) ( #559 )
...
- Docs: Adds section to README covering custom object parsing (#500 )
- Docs: Add note about JwtParserBuilder creating an immutable JwtParser (#508 )
Doc: #486
Fixes : #494
Doc: #495
Fixes : #171
Updated documentation and changelog to reflect the new Gson extension. Fixes #410 . (#476 )
Co-authored-by: Brian Demers <brian.demers@gmail.com>
2020-02-05 12:08:18 -08:00
1aa8225703
Documented how to convert strings to SecretKey instances. Resolves #517 ( #561 )
2020-02-04 22:50:56 -08:00
5481248a71
Documented why changing Base64 sometimes does not invalid signature checks. Resolves #518 ( #560 )
2020-02-04 18:33:36 -08:00
c38f4af239
Ensured DeflateCompressionCodec could fallback to <= 0.10.6 implementation if encountering an IOException. This allows compressed JWTs created before 0.10.7 to still work. Fixes #536 ( #556 ) ( #557 )
2020-02-04 14:29:16 -08:00
950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. ( #555 )
2020-02-04 00:10:39 -08:00
9481f317e1
Resolves #552 : changed mock implementation to speed up a very slow test ( #553 )
2020-02-03 13:41:30 -08:00
2fd3f06b7b
Update SignatureValidator to use MessageDigest ( #548 )
2020-01-27 14:20:21 -05:00
eadf0ce4fc
Bump jackson-databind from 2.9.10 to 2.9.10.1 ( #532 )
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10 to 2.9.10.1.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2019-11-13 09:33:35 +01:00
dacdb2ce25
relocated Service.java to impl module (along with tests). ( #529 )
2019-10-27 17:13:49 -04:00
Les Hazlewood
dependabot[bot]
Dominik Dorn
jonfrench
Chen
Brian Demers
Philipp Zormeier
Johannes Ballmann
Oleg Kuzych
Carsten Ziegeler
Micah Silverman