diff --git a/.gitignore b/.gitignore
index cf83389..b344a6a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@ build
*.iws
.idea
target
-.DS_Store
\ No newline at end of file
+.DS_Store
+.savant/cache
diff --git a/CHANGES b/CHANGES
index eda664e..39ad2f8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
FusionAuth JWT Changes
+Changes in 5.2.4
+
+ * Bind a deserializer using @JsonDeserialize the JWT object for all ZoneDateTime objects. This allows
+ you to use any Jackson Object Mapper w/out explicitly binding these deserializers.
+
Changes in 5.2.3
* Upgraded Jackson Core to 2.14.0
diff --git a/README.md b/README.md
index 7e8a886..3d0d7e0 100644
--- a/README.md
+++ b/README.md
@@ -41,23 +41,23 @@ We are very interested in compensating anyone that can identify a security relat
io.fusionauth
fusionauth-jwt
- 5.2.3
+ 5.2.4
```
### Gradle
```groovy
-implementation 'io.fusionauth:fusionauth-jwt:5.2.3'
+implementation 'io.fusionauth:fusionauth-jwt:5.2.4'
```
### Gradle Kotlin
```kotlin
-implementation("io.fusionauth:fusionauth-jwt:5.2.3")
+implementation("io.fusionauth:fusionauth-jwt:5.2.4")
```
### Savant
```groovy
-dependency(id: "io.fusionauth:fusionauth-jwt:5.2.3")
+dependency(id: "io.fusionauth:fusionauth-jwt:5.2.4")
```
For others see [https://search.maven.org](https://search.maven.org/artifact/io.fusionauth/fusionauth-jwt/4.0.1/jar).
diff --git a/build.savant b/build.savant
index b103b7c..c6fecaa 100644
--- a/build.savant
+++ b/build.savant
@@ -16,7 +16,7 @@
jacksonVersion = "2.14.0"
-project(group: "io.fusionauth", name: "fusionauth-jwt", version: "5.2.3", licenses: ["ApacheV2_0"]) {
+project(group: "io.fusionauth", name: "fusionauth-jwt", version: "5.2.4", licenses: ["ApacheV2_0"]) {
workflow {
fetch {
diff --git a/src/main/java/io/fusionauth/jwt/domain/JWT.java b/src/main/java/io/fusionauth/jwt/domain/JWT.java
index 28e5161..f315af7 100644
--- a/src/main/java/io/fusionauth/jwt/domain/JWT.java
+++ b/src/main/java/io/fusionauth/jwt/domain/JWT.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2022, FusionAuth, All Rights Reserved
+ * Copyright (c) 2016-2023, FusionAuth, All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -20,11 +20,13 @@
import com.fasterxml.jackson.annotation.JsonAnySetter;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import io.fusionauth.jwt.JWTDecoder;
import io.fusionauth.jwt.JWTEncoder;
import io.fusionauth.jwt.TimeMachineJWTDecoder;
import io.fusionauth.jwt.json.Mapper;
+import io.fusionauth.jwt.json.ZonedDateTimeDeserializer;
import io.fusionauth.jwt.json.ZonedDateTimeSerializer;
import java.math.BigDecimal;
@@ -71,6 +73,7 @@ public class JWT {
* processing. The expiration time is expected to provided in UNIX time, or the number of seconds since Epoch.
*/
@JsonProperty("exp")
+ @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
@JsonSerialize(using = ZonedDateTimeSerializer.class)
public ZonedDateTime expiration;
@@ -81,6 +84,7 @@ public class JWT {
* UNIX time, or the number of seconds since Epoch.
*/
@JsonProperty("iat")
+ @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
@JsonSerialize(using = ZonedDateTimeSerializer.class)
public ZonedDateTime issuedAt;
@@ -97,9 +101,10 @@ public class JWT {
* Registered Claim nbf
as defined by RFC 7519 Section 4.1.5. Use of this claim is OPTIONAL.
*
* This claim identifies the time before which the JWT MUST NOT be accepted for processing. The not before value is
- * expected to provided in UNIX time, or the number of seconds since Epoch.
+ * expected to be provided in UNIX time, or the number of seconds since Epoch.
*/
@JsonProperty("nbf")
+ @JsonDeserialize(using = ZonedDateTimeDeserializer.class)
@JsonSerialize(using = ZonedDateTimeSerializer.class)
public ZonedDateTime notBefore;