Skip to content

Releases: vapor/jwt-kit

Update BoringSSL to 80df7398ce52574801821ce7a76c031c35d6b882

20 Aug 11:11
@VaporBot VaporBot
4.2.4
7a9a04d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Update BoringSSL to 80df7398ce52574801821ce7a76c031c35d6b882
This patch was authored and released by @0xTim.
  • Update vendor script
  • Update BoringSSL to 80df7398ce52574801821ce7a76c031c35d6b882

Contributors

0xTim
Assets 2
Loading

Add `is_private_email` claim to `AppleIdentityToken`

21 Jul 12:43
@VaporBot VaporBot
4.2.3
df79553
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Add `is_private_email` claim to `AppleIdentityToken`
This patch was authored by @gargs and released by @0xTim.

This adds the missing is_private_email claim to AppleIdentityToken. This is helpful to determine whether the user is using a proxy email address.

Assets 2
Loading

Unify Vendor Claim Verification Failure Message

18 Feb 15:52
@tanner0101 tanner0101
4.2.2
b50b30b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Unify Vendor Claim Verification Failure Message
This patch was authored by @hiimtmac and released by @0xTim.

Unify messaging for issuer JWTError.claimVerificationFailure for Apple, Microsoft and Google to read Token not provided by INSERT_VENDOR. Also fixes a typo in the Microsoft error. (#49)

Assets 2
Loading

Make CJWTKitBoringSSL implementation only

18 Feb 12:42
@tanner0101 tanner0101
4.2.1
7339965
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Make CJWTKitBoringSSL implementation only
This patch was authored and released by @0xTim.

Makes CJWTKitBoringSSL implementation only to avoid leaking C types from BoringSSL. Resolves #51

Also updates BoringSSL to f6bd54efbcafcf4625ce99b5f702dc4850b0ca50

Assets 2
Loading

Add `ECDSAKey` support to `JWKS`

08 Sep 21:13
@tanner0101 tanner0101
4.2.0
6055fe8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Add `ECDSAKey` support to `JWKS`
This patch was authored and released by @JaapWijnen.
  • Allows to create JWK's using ECDSAKeys
  • Allows use of ECDSAKeys with JWTSigner.
  • Prevents a crash when using the .es384 curve for ECDSAKeys
let key = ECDSAKey.generate(curve: .p384)
let jwks = JWKS(keys: [
   JWK.ecdsa(.es384, identifier: JWKIdentifier(string: "token-kid"), x: key.parameters!.x, y: key.parameters!.y, curve: .p384)
])
let key = ECDSAKey.generate(curve: .p384)
let signer = JWTSigner.es384(key: key)
Assets 2
Loading

Add RSAKey support for x509 certificate

20 Aug 18:34
@tanner0101 tanner0101
4.1.0
50a46ba
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Add RSAKey support for x509 certificate
This patch was authored and released by @tanner0101.

Adds support for initializing RSAKey from X.509 certificate pem files (#42).

// Create signer from X.509 certificate
let signer = try JWTSigner.rs256(key: .certificate(pem: ...))
Assets 2
Loading

Set default signer when using JWKs

30 Jul 15:16
@tanner0101 tanner0101
4.0.1
3e631a2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Set default signer when using JWKs
This patch was authored and released by @tanner0101.

Fixes an issue causing no default signer to be set when configuring only JWKs (#39).

Assets 2
Loading

JWTKit 4.0.0

29 Jul 21:02
@tanner0101 tanner0101
4.0.0
484cb74
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
JWTKit 4.0.0
This patch was authored and released by @tanner0101.

Docs:
https://github.com/vapor/jwt-kit

More information on Vapor 4 official release:
https://forums.swift.org/t/vapor-4-official-release-begins/34802

Assets 2
Loading

Add support for Microsoft JWTs

29 Jul 18:17
@tanner0101 tanner0101
4.0.0-rc.2.1
ba28866
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Add support for Microsoft JWTs Pre-release
Pre-release
This patch was authored and released by @tanner0101.

Adds new MicrosoftIdentityToken that supports Microsoft's JWT format (#36).

Assets 2
Loading

Support JWKs with no algorithm

29 Jul 18:06
@tanner0101 tanner0101
4.0.0-rc.2
ee44e77
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Support JWKs with no algorithm Pre-release
Pre-release
This patch was authored and released by @tanner0101.

Adds support for JSON Web Keys that do not specify an algorithm (#34).

JWKs are now stored directly in JWTSigners via the use(jwk:) method. When a request to verify a JWT is received that matches a JWK, both the JWT and the JWK's algorithm header is checked. A signer is then created on the fly to handle the request.

Assets 2
Loading