1.2-RC1

Javadocs | Spec PDF |Spec html

API Changes

• A convenience method has been added to allow retrieving claims from JsonWebToken by using the Claims enum (link:https://github.com/eclipse/microprofile-jwt-auth/issues/154[#154])

Spec Changes

• Support for verifying JWT tokens which have been signed using Elliptic Curve ES256 signature algorithm (link:https://github.com/eclipse/microprofile-jwt-auth/issues/161[#161])
• Support for decrypting JWT tokens which have been encrypted using RSA-OAEP and A256GCM algorithms and contain the claims or inner-signed JWT tokens (link:https://github.com/eclipse/microprofile-jwt-auth/issues/58[#58])
• Support for JWT audience aud claim (link:https://github.com/eclipse/microprofile-jwt-auth/issues/121[#121])
• Support for JWT token cookies (link:https://github.com/eclipse/microprofile-jwt-auth/issues/93[#93])
• JWT token groups claim is now optional (link:https://github.com/eclipse/microprofile-jwt-auth/issues/129[#129])
• Better specification of the injection point (link:https://github.com/eclipse/microprofile-jwt-auth/issues/116[#116], link:https://github.com/eclipse/microprofile-jwt-auth/issues/127[#127]), scope (link:https://github.com/eclipse/microprofile-jwt-auth/issues/45[#45], link:https://github.com/eclipse/microprofile-jwt-auth/issues/183[#183]) and required claims (link:https://github.com/eclipse/microprofile-jwt-auth/issues/128[#128]) requirements
• Support for RSA keys of 1024 bit length has been deprecated (link:https://github.com/eclipse/microprofile-jwt-auth/issues/197[#197])

Other Changes

• New TCK tests
• TCK tests now use Jose4J to sign and encrypt the tokens.