Releases: lestrrat-go/jwx
Releases · lestrrat-go/jwx
v1.0.6
v1.0.6 17 Dec 2020
* Fix ECDHES ciphers where padding in AAD et al was creating
incomptabile values with jose tool
* Also fix ECDH-ES cek handling (#248)
* Implement direct key encoding (#213, #249)
* Allow JWT tokens to use default JWK if only one key is given
and the JWT does not necessarily specifies a key (#214)
* Deprecate jwt.Verify and introduce jwt.Validate. JWS verification
used the term Verify, which was confusing when users wanted to
validate the JWT token itself. (#220)
* JWT library optins have been explicitly typed as ValidationOption
and ParseOption (#220, #223)
* Add jwx.DecoderSettings and jwx.WithUseNumber option to globally
change how jwx parses JSON objects (#222)
* Encode x5c field as base64 with padding (#244)
* Add more interoperability tests against jose tool.
* Special thanks to anatol and imirkin!
v1.0.5
v1.0.5 - 28 Sep 2020
* Reinstate PrivateParams() method in jws and jwe packages.
These used to be available until v1.0.0, but somehow got lost during the
big change.
As a workaround for users of versions 1.0.0 to 1.0.4, you could have
achieved the same thing using AsMap() methods, albeit with a slight
performance penality (#205, #206)
v1.0.4
v1.0.3
v1.0.3 - 08 Jul 2020
* `jws.Sign`, and therefore `jwt.Sign` now accept `jwk.Key` as the
key to use for signature. (#199)
* `jwt.Sign` could sometimes return a nil error when setting bad
values to the protected header failed (#195)
* More golangci-lint cleanup (#193)
v1.0.2
v1.0.2 - 07 May 2020
* Since 1.0.0, we took somet time to play the test coverage game.
The coverage is around 30% better, and we _did_ uncover some
inconsistencies in the API, which got promptly fixed.
But I'm tired of the coverage game for the time being. PR's welcome!
* Add jwk.AssignKeyID to automatically assign a `kid` field to a JWK
* Fix jwe.Encrypt / jwe.Decrypt to properly look at the `zip` field
* Change jwe.Message accessors to return []byte, not buffer.Buffer
v1.0.1
v1.0.1 - 04 May 2020
* Normalize all JWK serialization to use padding-less base64 encoding (#185)
* Fix edge case unmarshaling openid.AddressClaim within a openid.Token
* Fix edge case unmarshaling jwe.Message
* Export JWK key-specific constants, such as jwk.RSANKey, jwk.SymmetricOctetsKey, etc
* Remove some unused code
v1.0.0
This marks a major revamp of the old code base, and in general has many improvements over the quirks from older versions. Please beware that the API has significantly changed, and breaks backwards compatibility. If you were previously using this library, then you WILL have to change how you use it.
Thanks to the many contributors who pointed out mistakes, and nudged me to take a hard look at the code to improve it in ways that I previously didn't immediately see.
v1.0.0 - 03 May 2020
* All packages (`jws`, `jwe`, `jwk`, `jwt`) have all been reworked from
the ground-up.
* These packages now hide the actual implementation of the main structs behind an interface.
* Header/Token structs must now be instantiated using proper constructors
(most notably, json.Unmarshal will miserably fail if you just pass
and empty interface via `xxx.Token` or similar)
* Token/Header interfaces are now more or less standardized.
The following API should be consistent between all relevant packages:
* New()
* Get()
* Set()
* Remove()
* Iterate()
* Walk()
* AsMap()
* Oft-used fields are no longer directly accessible:
e.g. `token.KeyID = v` is no longer valid. You must set using `Set`
(and `Remove`, if you are removing it), and use either `Get` or
one of the utility methods such as `token.KeyID()`
* Many helper functions and structs have been unexported. They were never
meant to be anything useful for end-users, and hopefully it does not
cause any problems.
* Most errors type/instances have been removed from the public API
* `jwt` package can now work with different token types, such as OpenID tokens.
* `token.Sign` and `token.Verify` have been changed from methods to
package functions `jwt.Sign` and `jwt.Verify`, to allow different
types of tokens to be passed to the same logic.
* Added a custom token type in `openid` sub-package to make it easier to
work with OpenID claims
* `jwt.Parse` (and its siblings) now accept `jwt.WithOpenIDClaims()`
* `jwe` API has been reworked:
* `MultiEncrypt` has been removed.
* Serializer structs have been removed. Now you just need to call
`jwe.Compact` or `jwe.JSON`
* `jwk` API has been reworked:
* `jwk.ParseKey` has been added
* `jwk.Materialize` has been renamed to `Raw()`. A new corresponding
method to initialize the key from a raw key (RSA/ECDSA/byte keys)
called `FromRaw()` has also been added, which makes a nice pair.
* `jws` API has been reworked
* CI has been changed from Travis CI to Github Actions, and tests now
include linting via `golangci-lint`