v0.10.0

What's Changed

• Feature/dpop nonce by @dtsiflit in #100

Breaking changes

The following protocols and their implementations have been updated to use a nonce (dpop nonce) and a boolean (retry) in their signatures:

• IssuanceRequesterType
• IssuerType
• AuthorizationServerClientType
• NotifyIssuerType

The IssuanceRequesterType protocol now accepts an additional retry boolean parameter.

Important Notes on dpop Nonce Handling

These changes are relevant if your authorization or resource server responds with a DPoP nonce. For more details, refer to the RFC9449 (https://datatracker.ietf.org/doc/html/rfc9449#name-resource-server-provided-no, https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid) specification on authorization server-provided nonce and resource server-provided nonce.

Examples of how this is implemented can be found in:

testWithOfferSdJwtDPoP()
testWithOfferMultipleSdJwtDPoP()

Note:
Using Regular Bearer Tokens
If you are not utilizing DPoP but instead rely on regular bearer tokens:
Set dpopnonce to nil.
Set retry to false in all cases.
This ensures compatibility without adopting DPoP-specific functionality.

Full Changelog: v0.9.3...v0.10.0

v0.9.3

What's Changed

• Async signer updates by @dtsiflit in #103

Full Changelog: v0.9.2...v0.9.3

v0.9.2

What's Changed

• Parse claims from sd-jwt-vc metadata by @dtsiflit in #102

Full Changelog: v0.9.1...v0.9.2

v0.9.1

What's Changed

• Feature/draft 14 by @dtsiflit in #98
• Updated swifty json by @dtsiflit in #101

Breaking changes

• The Issuer now accepts a binding key array instead of a single binding key. If you want to use the Issuer in a similar backwards compatible way to Draft 13, pass a binding key array with a single value.

• The binding key JWK case now accepts an array of SigningKeyProxys. If you want to use the Issuer in a similar backwards compatible way to Draft 13, pass a binding key array with a single value containing .secKey(_your_key_).

• Draft 14 supports the issuance of a document while providing multiple proofs. If an issuance is successful, the credential will be issued and located in a variable of type:

public enum Credential: Codable {
  case string(String)
  case json(JSON)
}

If a single credential is issued, its value will be located in string(String). Multiple credentials will be located in json(JSON) as an array.

• CWT has been removed.
• Batch credential issuance has been removed.

The examples contained in the test target provide usages for all the above scenarios.

Full Changelog: v0.8.0...v0.9.0

v0.9.0

What's Changed

• Feature/draft 14 by @dtsiflit in #98

Breaking changes

• The Issuer now accepts a binding key array instead of a single binding key. If you want to use the Issuer in a similar backwards compatible way to Draft 13, pass a binding key array with a single value.

• The binding key JWK case now accepts an array of SigningKeyProxys. If you want to use the Issuer in a similar backwards compatible way to Draft 13, pass a binding key array with a single value containing .secKey(_your_key_).

• Draft 14 supports the issuance of a document while providing multiple proofs. If an issuance is successful, the credential will be issued and located in a variable of type:

public enum Credential: Codable {
  case string(String)
  case json(JSON)
}

If a single credential is issued, its value will be located in string(String). Multiple credentials will be located in json(JSON) as an array.

• CWT has been removed.
• Batch credential issuance has been removed.

The examples contained in the test target provide usages for all the above scenarios.

Full Changelog: v0.8.0...v0.9.0

v0.8.0

What's Changed

• Updated signing logic by @dtsiflit in #99

Breaking Changes

• The BindingKey jwk case now accepts SigningKeyProxy instead of a SecKey as an associated value.
  This is a breaking change and to continue using keys please use .secKey(your_key) instead of just your_key when creating a BindingKey. Several examples here

Full Changelog: v0.7.2...v0.8.0

v0.7.2

What's Changed

• OIDC fallback update by @dtsiflit in #97

Full Changelog: v0.7.1...v0.7.2

v0.7.1

What's Changed

• Update 3rd party dependency list in README by @daniel-moh in #92
• Credential issuer id update by @dtsiflit in #96

New Contributors

• @daniel-moh made their first contribution in #92

Full Changelog: v0.7.0...v0.7.1

v0.7.0

What's Changed

• Refactor credential issuer metadata resolver api by @srosenda in #76

Breaking Changes

• Clients of CredentialIssuerMetadataType.resolve(source:) need to remove the nil checking of success result. Please refer to a823c226

Full Changelog: v0.6.0...v0.7.0

v0.6.0

What's Changed

• [refactor] Remove credential response property "format" by @srosenda in #72
• [fix] x-www-form-urlencoded body encoding in HTTP form POST by @srosenda in #54
• Switch to JOSESwift upstream version >=0.3.0 by @srosenda in #77
• Remove openid appended at the end of scope by @pankaj-sp in #85
• Use of PAR can be configured by @dtsiflit in #83

New Contributors

• @pankaj-sp made their first contribution in #85

Full Changelog: v0.4.3...v0.6.0