jwt-2.2.0

v2.2.0 (2019-03-20)

Full Changelog

Implemented enhancements:

• Use iat_leeway option #273
• Use of global state in latest version breaks thread safety of JWT.decode #268
• JSON support #246
• Change the Github homepage URL to https #301 (ekohl)
• Fix Salt length for conformance with PS family specification. #300 (tobypinder)
• Add support for Ruby 2.6 #299 (bustikiller)
• update homepage in gemspec to use HTTPS #298 (evgeni)
• Make sure alg parameter value isn't added twice #297 (korstiaan)
• Claims Validation #295 (jamesstonehill)
• JWT::Encode refactorings, alg and exp related bugfixes #293 (anakinj)
• Proposal of simple JWK support #289 (anakinj)
• Add RSASSA-PSS signature signing support #285 (oliver-hohn)
• Add note about using a hard coded algorithm in README #280 (revodoge)
• Add Appraisal support #278 (olbrich)
• Fix decode threading issue #269 (ab320012)
• Removed leeway from verify_iat #257 (ab320012)

Fixed bugs:

• Inconsistent handling of payload claim data types #282
• Use iat\_leeway option #273
• Issued at validation #247
• Fix bug and simplify segment validation #292 (anakinj)
• Removed leeway from verify\_iat #257 (ab320012)

Closed issues:

• RS256, public and private keys #291
• Allow passing current time to decode #288
• Verify exp claim without verifying jwt #281
• Decoding JWT with ES256 and secp256k1 curve #277
• Audience as an array - how to specify? #276
• signature validation using decode method for JWT #271
• JWT is easily breakable #267
• Ruby JWT Token #265
• ECDSA supported algorithms constant is defined as a string, not an array #264
• NoMethodError: undefined method `group' for <xxxxx> #261
• 'DecodeError'will replace 'ExpiredSignature' #260
• TypeError: no implicit conversion of OpenSSL::PKey::RSA into String #259
• NameError: uninitialized constant JWT::Algos::Eddsa::RbNaCl #258
• Get new token if curren token expired #256
• Infer algorithm from header #254
• Why is the result of decode is an array? #252
• Add support for headless token #251
• Leeway or exp_leeway #215
• Could you describe purpose of cert fixtures and their cryptokey lengths. #185

Merged pull requests:

• Misc config improvements #296 (jamesstonehill)
• Fix JSON conflict between #293 and #292 #294 (anakinj)
• Drop Ruby 2.2 from test matrix #290 (anakinj)
• Remove broken reek config #283 (excpt)
• Add missing test, Update common files #275 (excpt)
• Remove iat_leeway option #274 (wohlgejm)
• improving code quality of jwt module #266 (ab320012)
• fixed ECDSA supported versions const #263 (starbeast)
• Added my name to contributor list #262 (ab320012)
• Use Class\#new Shorthand For Error Subclasses #255 (akabiru)
• [CI] Test against Ruby 2.5 #253 (nicolasleger)
• Fix README #250 (rono23)
• Fix link format #248 (y-yagi)