Releases: lestrrat-go/jwx
Releases · lestrrat-go/jwx
v1.0.8
v1.0.8 15 Jan 2021
[New features]
* Fixed `jws.Message` and `jws.Signature` to be properly formatted when
marshaled into JSON. In the same manner, `json.Unmarshal` should also
work as expected.
* Added API to programatically manipulate `jws.Message` and `jws.Signature`
[Miscellaneous]
* The order of keys are now consistent as when used with `json.Marshal`.
Previously some objects used their own ordering, but now the code goes
through one extra roundtrip of `json.Unmarshal`/`json.Marshal` to preserve
compatible behavior. This *may* lead to slightly slower performance if
you are performing `json.Marshal` over and over in very quick succession.
Please file an issue if you have real world cases where the change
causes problems for you.
* Added more examples in various places.
* Tests runs have been sped up for the most oft used cases
v1.0.7
v1.0.7 11 Jan 2021
[New features]
* Added jwk.AutoRefresh, which is a tool to periodically refresh JWKS. (#265)
* Added experimental ed25519 support (#252)
[Bug fixes]
* Fix `Set()` method for jwk Keys to properly accept either `jwk.KeyUsageType`
or a simple string.
[Miscellaneous]
* Updated dependencies
* Changed options to use github.com/lestrrat-go/option
* Various typos, unused annotations, etc, have been fixed by contributors
* Nobody except for the author really should care, but the underlying
`pdebug` utility, which is used for print debugging, has been
upgraded to v3, which should stop parallel test execution from throwing
an error when run with -race
v1.0.6
v1.0.6 17 Dec 2020
* Fix ECDHES ciphers where padding in AAD et al was creating
incomptabile values with jose tool
* Also fix ECDH-ES cek handling (#248)
* Implement direct key encoding (#213, #249)
* Allow JWT tokens to use default JWK if only one key is given
and the JWT does not necessarily specifies a key (#214)
* Deprecate jwt.Verify and introduce jwt.Validate. JWS verification
used the term Verify, which was confusing when users wanted to
validate the JWT token itself. (#220)
* JWT library optins have been explicitly typed as ValidationOption
and ParseOption (#220, #223)
* Add jwx.DecoderSettings and jwx.WithUseNumber option to globally
change how jwx parses JSON objects (#222)
* Encode x5c field as base64 with padding (#244)
* Add more interoperability tests against jose tool.
* Special thanks to anatol and imirkin!
v1.0.5
v1.0.5 - 28 Sep 2020
* Reinstate PrivateParams() method in jws and jwe packages.
These used to be available until v1.0.0, but somehow got lost during the
big change.
As a workaround for users of versions 1.0.0 to 1.0.4, you could have
achieved the same thing using AsMap() methods, albeit with a slight
performance penality (#205, #206)
v1.0.4
v1.0.3
v1.0.3 - 08 Jul 2020
* `jws.Sign`, and therefore `jwt.Sign` now accept `jwk.Key` as the
key to use for signature. (#199)
* `jwt.Sign` could sometimes return a nil error when setting bad
values to the protected header failed (#195)
* More golangci-lint cleanup (#193)
v1.0.2
v1.0.2 - 07 May 2020
* Since 1.0.0, we took somet time to play the test coverage game.
The coverage is around 30% better, and we _did_ uncover some
inconsistencies in the API, which got promptly fixed.
But I'm tired of the coverage game for the time being. PR's welcome!
* Add jwk.AssignKeyID to automatically assign a `kid` field to a JWK
* Fix jwe.Encrypt / jwe.Decrypt to properly look at the `zip` field
* Change jwe.Message accessors to return []byte, not buffer.Buffer
v1.0.1
v1.0.1 - 04 May 2020
* Normalize all JWK serialization to use padding-less base64 encoding (#185)
* Fix edge case unmarshaling openid.AddressClaim within a openid.Token
* Fix edge case unmarshaling jwe.Message
* Export JWK key-specific constants, such as jwk.RSANKey, jwk.SymmetricOctetsKey, etc
* Remove some unused code
v1.0.0
This marks a major revamp of the old code base, and in general has many improvements over the quirks from older versions. Please beware that the API has significantly changed, and breaks backwards compatibility. If you were previously using this library, then you WILL have to change how you use it.
Thanks to the many contributors who pointed out mistakes, and nudged me to take a hard look at the code to improve it in ways that I previously didn't immediately see.
v1.0.0 - 03 May 2020
* All packages (`jws`, `jwe`, `jwk`, `jwt`) have all been reworked from
the ground-up.
* These packages now hide the actual implementation of the main structs behind an interface.
* Header/Token structs must now be instantiated using proper constructors
(most notably, json.Unmarshal will miserably fail if you just pass
and empty interface via `xxx.Token` or similar)
* Token/Header interfaces are now more or less standardized.
The following API should be consistent between all relevant packages:
* New()
* Get()
* Set()
* Remove()
* Iterate()
* Walk()
* AsMap()
* Oft-used fields are no longer directly accessible:
e.g. `token.KeyID = v` is no longer valid. You must set using `Set`
(and `Remove`, if you are removing it), and use either `Get` or
one of the utility methods such as `token.KeyID()`
* Many helper functions and structs have been unexported. They were never
meant to be anything useful for end-users, and hopefully it does not
cause any problems.
* Most errors type/instances have been removed from the public API
* `jwt` package can now work with different token types, such as OpenID tokens.
* `token.Sign` and `token.Verify` have been changed from methods to
package functions `jwt.Sign` and `jwt.Verify`, to allow different
types of tokens to be passed to the same logic.
* Added a custom token type in `openid` sub-package to make it easier to
work with OpenID claims
* `jwt.Parse` (and its siblings) now accept `jwt.WithOpenIDClaims()`
* `jwe` API has been reworked:
* `MultiEncrypt` has been removed.
* Serializer structs have been removed. Now you just need to call
`jwe.Compact` or `jwe.JSON`
* `jwk` API has been reworked:
* `jwk.ParseKey` has been added
* `jwk.Materialize` has been renamed to `Raw()`. A new corresponding
method to initialize the key from a raw key (RSA/ECDSA/byte keys)
called `FromRaw()` has also been added, which makes a nice pair.
* `jws` API has been reworked
* CI has been changed from Travis CI to Github Actions, and tests now
include linting via `golangci-lint`