Commit Graph

  • 169b0cee5c
    Merge 34e36ed1f5 into 2ad964a3f1 Atanas Gegov 2024-10-31 17:01:30 +0000
  • 34e36ed1f5
    Revert null or empty case Atanas Gegov 2024-10-31 18:01:27 +0100
  • 9b80d157a8
    Return immutable Set for a Collection Atanas Gegov 2024-10-31 17:45:12 +0100
  • e83da4ca7b
    Merge a480d1e656 into 2ad964a3f1 Ho Yin 2024-10-29 11:18:33 +0800
  • a480d1e656 Integrate replacement logic directly into add lhy-hoyin 2024-10-29 11:17:44 +0800
  • 57e42684b7 fix: Fix issue where replace does not do a in-place replacement lhy-hoyin 2024-10-19 19:33:30 +0800
  • 0c15467ac4 Modify tests to explicitly test for situation mentioned in #961 lhy-hoyin 2024-10-19 18:40:12 +0800
  • fd8dc5efca Modify add(e) logic to replace existing with same ID lhy-hoyin 2024-10-19 17:31:38 +0800
  • 8e8fd6c95a Implement DefaultMacAlgorithm.equals lhy-hoyin 2024-10-19 17:24:23 +0800
  • da96e8b6a0 Change method signature of replace lhy-hoyin 2024-10-19 15:22:48 +0800
  • 19f74e57fa
    Merge bd501223b2 into 2ad964a3f1 shubham kesri 2024-10-18 20:21:00 +0530
  • bd501223b2 Made constructor public to allow users their own objectMapper instance kesrishubham2510 2024-10-18 20:20:28 +0530
  • 67a3fae526
    Merge 624b3ef390 into 2ad964a3f1 XenoAmess 2024-10-18 00:50:14 +0800
  • 624b3ef390 add properties for graalvm XenoAmess 2024-10-18 00:48:21 +0800
  • 01003bfdd2 Implement overloaded Assert.notEmpty for asserting Object lhy-hoyin 2024-10-17 15:48:35 +0800
  • 508227cf4d tests: Add tests for DefaultCollectionMutator.replace(E e) lhy-hoyin 2024-10-16 16:45:25 +0800
  • b83bd89990 Implement DefaultCollectionMutator.replace(E e) lhy-hoyin 2024-10-16 16:42:24 +0800
  • 9fee198725
    Merge fbeb7adf61 into 2ad964a3f1 Benjamin Marwell 2024-10-09 19:38:55 +0800
  • d994f6d384
    Merge 1889d8b9bf into 2ad964a3f1 Brian Demers 2024-10-01 14:56:05 -0400
  • ad8f010902
    Merge 4a76b69d59 into 2ad964a3f1 Pieter Van Eeckhout 2024-09-27 12:07:55 +0200
  • 0519460814
    Merge 14b26b277d into 2ad964a3f1 Micah Silverman 2024-09-24 12:16:33 -0700
  • 5b216fb006
    Merge a940383960 into 2ad964a3f1 Pieter Van Eeckhout 2024-09-24 21:45:40 +0300
  • 2ad964a3f1
    add maven bom #967 (#968) master Andy Boothe 2024-09-24 09:17:15 -0500
  • 4250b0069b
    add maven bom #967 Andy Boothe 2024-09-17 10:43:45 -0500
  • a940383960
    Update ClaimsMutator.java Pieter Van Eeckhout 2024-09-11 21:28:12 +0200
  • 9cbbbe7335
    Merge branch 'master' into 235-Java8_time_formats Pieter Van Eeckhout 2024-09-05 08:15:33 +0200
  • 14b26b277d
    fix: pom.xml to reduce vulnerabilities snyk-fix-69bf47f58b79dec78bd03bc59829661e snyk-bot 2024-07-27 11:21:28 +0000
  • fbeb7adf61 [#519] Add src/main/java9/module-info.java files and a simple IT. Benjamin Marwell 2022-04-19 22:04:44 +0200
  • 5812f63a76
    0.12.6 release (#951) Les Hazlewood 2024-06-21 13:12:01 -0700
  • 5c07a6826d [maven-release-plugin] prepare for next development iteration Les Hazlewood 2024-06-21 12:46:15 -0700
  • 0df975627c [maven-release-plugin] prepare release 0.12.6 0.12.6 Les Hazlewood 2024-06-21 12:46:13 -0700
  • aacdfdc32f - Updated README.adoc `:project-version:` to be `0.12.6`. - Updated CHANGELOG.md change notes to link to the BC upgrade PR. Les Hazlewood 2024-06-21 11:52:11 -0700
  • d14f27b624
    Bump org.bouncycastle:bcprov-jdk18on from 1.76 to 1.78 (#941) dependabot[bot] 2024-06-17 12:51:20 -0700
  • d249a166bf Upgrade BouncyCastle to 1.78 Les Hazlewood 2024-06-17 12:39:40 -0700
  • 8f39babc54 Merge remote-tracking branch 'origin/master' into dependabot/maven/org.bouncycastle-bcprov-jdk18on-1.78 Les Hazlewood 2024-06-17 12:37:24 -0700
  • 0c2d96c2d0
    Fixes #949 (#950) Les Hazlewood 2024-06-17 12:25:09 -0700
  • e24cae07ae Fixes #949 Les Hazlewood 2024-06-17 12:13:25 -0700
  • ecf0f152c1 Fixes #949 Les Hazlewood 2024-06-17 12:08:34 -0700
  • 533ce4078e Fixes #949 Les Hazlewood 2024-06-16 16:09:29 -0700
  • 39249dcf82 Merge branch 'master' into issue-949 Les Hazlewood 2024-06-16 16:08:00 -0700
  • a7de55435b
    Fixes #947 (#948) Les Hazlewood 2024-06-16 16:05:45 -0700
  • df14b55a6f Fixes #949 Les Hazlewood 2024-06-16 16:00:14 -0700
  • 578c369641 Fixes #947 Les Hazlewood 2024-06-16 13:01:48 -0700
  • 9039b47b4f
    Add upper bound to JCL exclusion rule Brian Demers 2024-05-29 14:41:07 -0400
  • 754324879d
    Bump org.bouncycastle:bcpkix-jdk18on from 1.76 to 1.78 (#943) dependabot[bot] 2024-05-15 11:03:42 -0700
  • 7bc29352e6
    Bump org.bouncycastle:bcpkix-jdk18on from 1.76 to 1.78 dependabot[bot] 2024-05-14 22:19:17 +0000
  • 5bcf2de6f8
    Bump org.bouncycastle:bcprov-jdk18on from 1.76 to 1.78 dependabot[bot] 2024-05-03 20:35:49 +0000
  • 3489fdb19b
    JWE arbitrary content compression (#937) Mikko Nylén 2024-04-25 05:52:25 +0300
  • 6d88e342b6 Fix name for JWE payload Mikko Nylén 2024-04-25 05:41:29 +0300
  • 9e94665324 Preserve the content name Mikko Nylén 2024-04-24 09:24:35 +0300
  • 22b946fafc Refactor duplicate payload -> input stream logic from sign()/encrypt() Mikko Nylén 2024-04-23 05:04:19 +0300
  • 23d9a33ff6
    Allow using GenericSecret for HmacSHA* (#935) Mikko Nylén 2024-04-22 22:49:06 +0300
  • c83fbe9f41 Fix compression being omitted for JWEs with arbitrary content Mikko Nylén 2024-04-22 08:16:20 +0300
  • 1fa8ccbda9 Review fixes Mikko Nylén 2024-04-22 04:54:03 +0300
  • eb703c3abb Allow using GenericSecret for HmacSHA* Mikko Nylén 2024-04-16 07:14:57 +0300
  • c673b76ef5
    Update SECURITY.md Les Hazlewood 2024-04-02 19:23:24 -0400
  • 59196a7375
    Merge remote-tracking branch 'origin/master' into 235-Java8_time_formats pveeckhout 2024-02-17 00:55:43 +0100
  • 4a76b69d59
    Merge remote-tracking branch 'origin/master' into 60-convenience_expiration_setter_which_takes_a_duration pveeckhout 2024-02-17 00:46:53 +0100
  • bb46c633ee DEVE-142: fix jdk version Johan Roets 2024-02-14 11:52:34 +0200
  • e2e82ec181 DEVE-142: Create patched jjwt impl that allows 1024 keys Johan Roets 2024-02-13 19:59:43 +0200
  • 82562ed37f
    Move common GH Actions setup to seperate file Brian Demers 2024-02-07 18:07:38 -0500
  • 1889d8b9bf
    Updating build to be reproducible repro-jwe Brian Demers 2024-02-07 17:40:38 -0500
  • 26948610fb
    Use Acsiidoc as README format (#777) Brian Demers 2024-02-06 14:51:33 -0500
  • fb0747805b
    Fix README.adoc formatting Brian Demers 2024-02-05 20:48:06 -0500
  • 075df645ae
    Update Admonition caption in README.adoc Brian Demers 2024-02-05 17:36:11 -0500
  • 41c86e6132
    fixing note format Brian Demers 2024-02-02 19:37:28 -0600
  • 7361df512d
    fixing superscript formatting Brian Demers 2024-02-02 19:36:18 -0600
  • 5051eb3879
    fixing superscript formatting Brian Demers 2024-02-02 19:34:49 -0600
  • b5a22826c2
    minor formatting tweaks Brian Demers 2024-02-02 19:32:42 -0600
  • ec501a369c
    Replace custom formatting with adoc admonitions Brian Demers 2024-02-02 19:28:14 -0600
  • 6b2d45b820
    README formatting fix Brian Demers 2024-02-02 19:18:25 -0600
  • 00e587d061
    Using macro for README table subscript Brian Demers 2024-02-02 19:16:29 -0600
  • bf0d9ba379
    Add version variable to adoc README and styling Brian Demers 2024-02-02 18:56:04 -0600
  • 1dddd8d4c7
    Formatting README in asciidoc Brian Demers 2024-02-02 18:54:21 -0600
  • efffa86b8d
    Released 0.12.5 (#918) Les Hazlewood 2024-01-31 18:52:53 -0800
  • 2d77eb2c49 [maven-release-plugin] prepare for next development iteration Les Hazlewood 2024-01-31 18:41:49 -0800
  • 2399e2fdc5 [maven-release-plugin] prepare release 0.12.5 0.12.5 Les Hazlewood 2024-01-31 18:41:45 -0800
  • 8d3de65835 Preparing for 0.12.5 release Les Hazlewood 2024-01-31 18:32:47 -0800
  • a0a123e848
    PR #917 lhazlewood 2024-01-31 17:48:38 -0800
  • 5acdc49e29 * Ensured `NestedCollection`s do not need their `.and()` method called to apply collection changes. Instead, changes are applied immediately as they occur (via `.add`, `.remove`, etc), and `.and()` is now purely for returning to the parent builder if necessary/desired. * Updated associated JavaDoc with code examples to make the `.and()` method's purpose a little clearer. * Updated CHANGELOG.md Les Hazlewood 2024-01-30 18:08:03 -0800
  • afcd889832
    0.12.4 staging (#913) lhazlewood 2024-01-28 16:52:21 -0800
  • 06fe85a685 [maven-release-plugin] prepare for next development iteration Les Hazlewood 2024-01-28 16:28:07 -0800
  • bf4168cdce [maven-release-plugin] prepare release 0.12.4 0.12.4 Les Hazlewood 2024-01-28 16:28:04 -0800
  • 5c6dec061f - Adding 0.12.4 release version references - Adding CI 'workflow_dispatch' event trigger - Changed git url from ssh to https Les Hazlewood 2024-01-28 15:13:27 -0800
  • dd10b12b53
    Added JWK Set documentation to README.mdJwkset doc (#912) lhazlewood 2024-01-28 14:49:01 -0800
  • b52561c65e Minor typo fix Les Hazlewood 2024-01-28 14:37:27 -0800
  • ae40ebce8c Added JWK Set documentation to README.md Les Hazlewood 2024-01-28 14:36:21 -0800
  • 6335381c97
    PBES2 decryption maximum iterations (#911) lhazlewood 2024-01-28 13:17:53 -0800
  • 34b8c3cb68 Ensured there is an upper bound (maximum) iterations enforced for PBES2 decryption to help mitigate potential DoS attacks. Many thanks to Jingcheng Yang and Jianjun Chen from Sichuan University and Zhongguancun Lab for their work on this! Les Hazlewood 2024-01-28 12:56:26 -0800
  • f1b919a073 Ensured there is an upper bound (maximum) iterations enforced for PBES2 decryption to help mitigate potential DoS attacks. Many thanks to Jingcheng Yang and Jianjun Chen from Sichuan University and Zhongguancun Lab for their work on this! Les Hazlewood 2024-01-28 12:54:08 -0800
  • 2884eb7952
    - Updating to GitHub latest actions/checkout and actions/setup-java script versions (#910) lhazlewood 2024-01-27 20:06:20 -0800
  • db4fdca0eb - Updating to GitHub latest actions/checkout and actions/setup-java script versions Les Hazlewood 2024-01-27 20:00:12 -0800
  • 628bd6f4e8 Secret JWK `k` values larger than HMAC-SHA minimums (#909) lhazlewood 2024-01-27 19:54:40 -0800
  • 6ac5cc751b - Ensured Secret JWK 'k' byte arrays for HMAC-SHA algorithms can be larger than the identified HS* algorithm. This is allowed per https://datatracker.ietf.org/doc/html/rfc7518#section-3.2: "A key of the same size as the hash output ... _or larger_ MUST be used with this algorithm" - Ensured that, when using the JwkBuilder, Secret JWK 'alg' values would automatically be set to 'HS256', 'HS384', or 'HS512' if the specified Java SecretKey algorithm name equals a JCA standard name (HmacSHA256, HmacSHA384, etc) or JCA standard HMAC-SHA OID. - Updated CHANGELOG.md accordingly. Les Hazlewood 2024-01-27 19:40:57 -0800
  • d9c030e474 - Ensured Secret JWK 'k' byte arrays for HMAC-SHA algorithms can be larger than the identified HS* algorithm. This is allowed per https://datatracker.ietf.org/doc/html/rfc7518#section-3.2: "A key of the same size as the hash output ... _or larger_ MUST be used with this algorithm" - Ensured that, when using the JwkBuilder, Secret JWK 'alg' values would automatically be set to 'HS256', 'HS384', or 'HS512' if the specified Java SecretKey algorithm name equals a JCA standard name (HmacSHA256, HmacSHA384, etc) or JCA standard HMAC-SHA OID. Les Hazlewood 2024-01-27 19:25:07 -0800
  • b12dabf100
    Fix small typos (#908) Renato Lochetti 2024-01-27 16:45:09 -0300
  • f6116bbdec
    Fix small typos Renato Lochetti 2024-01-27 18:23:05 +0000
  • 26f5dc3dbb
    Updating changelog with more information/clarity for the 0.12.4 release (#907) lhazlewood 2024-01-26 21:23:18 -0800
  • 25851e0688 Updating changelog with more information/clarity for the 0.12.4 release Les Hazlewood 2024-01-26 19:09:54 -0800
  • f61cfa875d
    Test case change to reflect accurate assertion for Elliptic Curve 'd' values against the curve order (not the field size) per https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.2.1 (#906) lhazlewood 2024-01-26 17:54:51 -0800