forked from FusionAuth/fusionauth-jwt
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCHANGES
More file actions
79 lines (47 loc) · 1.75 KB
/
Copy pathCHANGES
File metadata and controls
79 lines (47 loc) · 1.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
Prime JWT Changes
Changes in 1.3.1
* Fixed potential security issue that may allow a JWT to be decoded without a valid signature. Thanks to @rcadob.
Changes in 1.3.0
* Added OpenIDConnect.at_hash
* Added OpenIDConnect.c_hash
* Fixed potential security issue that may allow a JWT to be decoded without a valid signature. Thanks to @dmak.
See CVE-2018-1000125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000125
Changes in 1.2.1
* Better handle invalid Base64 encoded JWTs
Changes in 1.2.0
* Added JWT.getRawClaims()
Changes in 1.1.0
* Support for x5t (X.509 thumbprints)
* Additional helper methods in PEMUtils and RSAUtils
Changes in 1.0.0
* Add support for X.509 certificates
Changes in 0.2.1
* Add POM to release to maven as well as savent
Changes in 0.2.0
* Change "keyId" to "kid".
Changes in 0.1.6
* Renamed JWT.audience --> JWT.setAudience
* Renamed JWT.claim --> JWT.addClaim
* Renamed JWT.expiration --> JWT.setExpiration
* Renamed JWT.issuedAt --> JWT.setIssuedAt
* Renamed JWT.issuer --> JWT.setIssuer
* Renamed JWT.notBefore --> JWT.setNotBefore
* Renamed JWT.subject --> JWT.setSubject
* Renamed JWT.uniqueId --> JWT.setUniqueId
Changes in 0.1.5
* Removed RefreshToken domain object.
Changes in 0.1.4
* Add helper to generate an ideal HMAC secret for SHA-384
Changes in 0.1.3
* Add support for HS384 and RS384
Changes in 0.1.2
* Added JavaDoc
* Better parsing support for PKCS#1 and PKCS#8 key formats
* Enforce minimum RSA key key length of 2048
Changes in 0.1.1
* Added validation for JWT Expired (exp) and JWT Not Available for Processing (nbf)
* Added helpers to generate HMAC keys and RSA Key Pairs
* Add JWTException that all other exceptions extend
* Add tests
Changes in 0.1.0
* Initial release.