Releases: eclipse/microprofile-jwt-auth
2.1
MicroProfile JWT Auth 2.0
2.0-RC2
MicroProfile JWT RBAC 1.2
Javadocs | Spec PDF |Spec html
API Changes
- A convenience method has been added to allow retrieving claims from
JsonWebToken
by using theClaims
enum (link:https://github.com/eclipse/microprofile-jwt-auth/issues/154[#154])
Spec Changes
- Support for verifying JWT tokens which have been signed using Elliptic Curve
ES256
signature algorithm (link:https://github.com/eclipse/microprofile-jwt-auth/issues/161[#161]) - Support for decrypting JWT tokens which have been encrypted using
RSA-OAEP
andA256GCM
algorithms and contain the claims or inner-signed JWT tokens (link:https://github.com/eclipse/microprofile-jwt-auth/issues/58[#58]) - Support for JWT audience
aud
claim (link:https://github.com/eclipse/microprofile-jwt-auth/issues/121[#121]) - Support for JWT token cookies (link:https://github.com/eclipse/microprofile-jwt-auth/issues/93[#93])
- JWT token
groups
claim is now optional (link:https://github.com/eclipse/microprofile-jwt-auth/issues/129[#129]) - Better specification of the injection point (link:https://github.com/eclipse/microprofile-jwt-auth/issues/116[#116], link:https://github.com/eclipse/microprofile-jwt-auth/issues/127[#127]), scope (link:https://github.com/eclipse/microprofile-jwt-auth/issues/45[#45], link:https://github.com/eclipse/microprofile-jwt-auth/issues/183[#183]) and required claims (link:https://github.com/eclipse/microprofile-jwt-auth/issues/128[#128]) requirements
- Support for RSA keys of 1024 bit length has been deprecated (link:https://github.com/eclipse/microprofile-jwt-auth/issues/197[#197])
Other Changes
- New TCK tests
- TCK tests now use
Jose4J
to sign and encrypt the tokens.
1.2-RC1
Javadocs | Spec PDF |Spec html
API Changes
- A convenience method has been added to allow retrieving claims from
JsonWebToken
by using theClaims
enum (link:https://github.com/eclipse/microprofile-jwt-auth/issues/154[#154])
Spec Changes
- Support for verifying JWT tokens which have been signed using Elliptic Curve
ES256
signature algorithm (link:https://github.com/eclipse/microprofile-jwt-auth/issues/161[#161]) - Support for decrypting JWT tokens which have been encrypted using
RSA-OAEP
andA256GCM
algorithms and contain the claims or inner-signed JWT tokens (link:https://github.com/eclipse/microprofile-jwt-auth/issues/58[#58]) - Support for JWT audience
aud
claim (link:https://github.com/eclipse/microprofile-jwt-auth/issues/121[#121]) - Support for JWT token cookies (link:https://github.com/eclipse/microprofile-jwt-auth/issues/93[#93])
- JWT token
groups
claim is now optional (link:https://github.com/eclipse/microprofile-jwt-auth/issues/129[#129]) - Better specification of the injection point (link:https://github.com/eclipse/microprofile-jwt-auth/issues/116[#116], link:https://github.com/eclipse/microprofile-jwt-auth/issues/127[#127]), scope (link:https://github.com/eclipse/microprofile-jwt-auth/issues/45[#45], link:https://github.com/eclipse/microprofile-jwt-auth/issues/183[#183]) and required claims (link:https://github.com/eclipse/microprofile-jwt-auth/issues/128[#128]) requirements
- Support for RSA keys of 1024 bit length has been deprecated (link:https://github.com/eclipse/microprofile-jwt-auth/issues/197[#197])
Other Changes
- New TCK tests
- TCK tests now use
Jose4J
to sign and encrypt the tokens.
MP-JWT 1.1.1
Javadocs | Spec PDF |Spec html
This is a patch release that provides fixes to the TCK tests that were seen to have issues in different implementations. The configuration properties section of the spec has been updated to document the MP configuration mechanism for mapping environment variable to property names when the property name contains dots ('.') such as mp.jwt.verify.publickey.
This release has no API changes.
MP-JWT 1.1.1-RC2
This is the second candidate patch release that provides fixes to the TCK tests that were seen to have issues in different implementations. The configuration properties section of the spec has been updated to document the MP configuration mechanism for mapping environment variable to property names when the property name contains dots ('.') such as mp.jwt.verify.publickey
.
Closed Issues in 1.1.1-RC1
MP-JWT 1.1.1-RC1
This is a candidate patch release that provides fixes to the TCK tests that were seen to have issues in different implementations. The TCK tests WARs now include a META-INF/MPJWTTESTVERSION resource that contains the major/minor version string enum for the MP-JWT version the test WAR is targeting. Currently the versions enums are:
public enum MpJwtTestVersion {
MPJWT_V_1_0,
MPJWT_V_1_1
;
}
Closed Issues in 1.1.1-RC1
MP-JWT 1.1 Release
Javadocs | Spec PDF |Spec html
This is the final version of the 1.1 MP-JWT release. The focus of this release was to add support for configuring the public key and issuer needed for verification of the MP-JWT using MicroProfile Config. The new MicroProfile Config properties are:
- mp.jwt.verify.publickey : The embedded key material of the public key for the MP-JWT signer in PKCS8 PEM or JWK(S) format. If not found the mp.jwt.verify.publickey.location needs to be checked.
- mp.jwt.verify.publickey.location : The relative path or full URL of the public key. All relative paths will be resolved within the archive using ClassLoader.getResource. If the value is a URL it will be resolved using
new URL(“...”).openStream()
- mp.jwt.verify.issuer : The expected iss claim value to validate against an MP-JWT.
MP-JWT 1.1-RC2 Release
This is the second release candidate of the MP-JWT 1.1 update. The main focus of this release is the support for use of the MP-Config feature to configure the MP-JWT signer and issuer in a vendor independent fashion.
The staging repo can be found at:
https://oss.sonatype.org/content/repositories/orgeclipsemicroprofile-1089/