RubyGems - jwt - Versions diffs - 2.8.2 → 2.10.2 - Mend

jwt 2.8.2 → 2.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +79 -0
data/README.md +189 -93
data/lib/jwt/base64.rb +3 -0
data/lib/jwt/claims/audience.rb +30 -0
data/lib/jwt/claims/crit.rb +35 -0
data/lib/jwt/claims/decode_verifier.rb +40 -0
data/lib/jwt/claims/expiration.rb +32 -0
data/lib/jwt/claims/issued_at.rb +22 -0
data/lib/jwt/claims/issuer.rb +34 -0
data/lib/jwt/claims/jwt_id.rb +35 -0
data/lib/jwt/claims/not_before.rb +32 -0
data/lib/jwt/claims/numeric.rb +77 -0
data/lib/jwt/claims/required.rb +33 -0
data/lib/jwt/claims/subject.rb +30 -0
data/lib/jwt/claims/verification_methods.rb +20 -0
data/lib/jwt/claims/verifier.rb +61 -0
data/lib/jwt/claims.rb +74 -0
data/lib/jwt/claims_validator.rb +6 -25
data/lib/jwt/configuration/container.rb +20 -0
data/lib/jwt/configuration/decode_configuration.rb +24 -0
data/lib/jwt/configuration/jwk_configuration.rb +1 -0
data/lib/jwt/configuration.rb +8 -0
data/lib/jwt/decode.rb +28 -70
data/lib/jwt/deprecations.rb +1 -0
data/lib/jwt/encode.rb +17 -60
data/lib/jwt/encoded_token.rb +139 -0
data/lib/jwt/error.rb +34 -0
data/lib/jwt/json.rb +1 -1
data/lib/jwt/jwa/compat.rb +32 -0
data/lib/jwt/jwa/ecdsa.rb +39 -25
data/lib/jwt/jwa/eddsa.rb +20 -27
data/lib/jwt/jwa/hmac.rb +25 -18
data/lib/jwt/jwa/hmac_rbnacl.rb +43 -43
data/lib/jwt/jwa/hmac_rbnacl_fixed.rb +40 -39
data/lib/jwt/jwa/none.rb +8 -3
data/lib/jwt/jwa/ps.rb +20 -15
data/lib/jwt/jwa/rsa.rb +20 -10
data/lib/jwt/jwa/signing_algorithm.rb +63 -0
data/lib/jwt/jwa/unsupported.rb +9 -8
data/lib/jwt/jwa/wrapper.rb +27 -9
data/lib/jwt/jwa.rb +30 -34
data/lib/jwt/jwk/ec.rb +2 -3
data/lib/jwt/jwk/hmac.rb +2 -3
data/lib/jwt/jwk/key_base.rb +1 -0
data/lib/jwt/jwk/key_finder.rb +1 -0
data/lib/jwt/jwk/kid_as_key_digest.rb +1 -0
data/lib/jwt/jwk/okp_rbnacl.rb +3 -4
data/lib/jwt/jwk/rsa.rb +2 -3
data/lib/jwt/jwk/set.rb +2 -0
data/lib/jwt/jwk.rb +1 -0
data/lib/jwt/token.rb +112 -0
data/lib/jwt/verify.rb +16 -93
data/lib/jwt/version.rb +30 -9
data/lib/jwt.rb +20 -0
data/ruby-jwt.gemspec +1 -0
metadata +36 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5fc1b13d678680a3d1b23e06cad091deb0f3ffff77783a99cd1d1f7231938563
-  data.tar.gz: f7d3f5294cb3b6ba57c2772a58c50ee2d55cf6412db6b707a38c74b381662777
+  metadata.gz: 0cae4dcfd78806b4eb8192b16880e1ebeafa8651400296c9ca955f5b91abe9ab
+  data.tar.gz: a5a024f58f196d355eb004aa39be6f2d3b1e5fbf1219cac78b4d315833fd9d3f
 SHA512:
-  metadata.gz: 5f4602ed313d982db0a2e469c2fc3b58aa0de226f85e332501628d9f7b59ed8a84e78691b57f14ddf153c4be028e9b3caa13d9b3231996c798e9e63f69f4d10a
-  data.tar.gz: a3ed20caccfe2c2979426b41a6e0bbeeabe67157643c4571836642f48ccf76ba8f58bb3270501eeefcbd53e1d027de1b558310a083360ca644157934ce3c06bf
+  metadata.gz: 4fa464f652e42bd8d70243a6dd8cb8e9ad72d285116580cf802108328c20b35b274ea7e371764855fcc8b620507a7b5f9bdac0632d270bff0ad5e4ce773d0352
+  data.tar.gz: 938d9d141e35b29b94f9fe64fe07a4c87a279e2120236873d2fd5c9ca5e2bd183c4fc3123eb3c9a46d18d6c60df5271b9e2431345dbd87035dd009c07e8aa6f5

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,84 @@
 # Changelog
+## [v2.10.2](https://github.com/jwt/ruby-jwt/tree/v2.10.2) (2025-06-29)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.10.1...v2.10.2)
+**Fixes and enhancements:**
+- Avoid using the same digest across calls in JWT::JWA::Ecdsa and JWT::JWA::Rsa [#697](https://github.com/jwt/ruby-jwt/pull/697)
+## [v2.10.1](https://github.com/jwt/ruby-jwt/tree/v2.10.1) (2024-12-26)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.10.0...v2.10.1)
+**Fixes and enhancements:**
+- Make version constants public again [#646](https://github.com/jwt/ruby-jwt/pull/646) ([@anakinj]
+## [v2.10.0](https://github.com/jwt/ruby-jwt/tree/v2.10.0) (2024-12-25)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.3...v2.10.0)
+**Features:**
+- JWT::Token and JWT::EncodedToken for signing and verifying tokens [#621](https://github.com/jwt/ruby-jwt/pull/621) ([@anakinj](https://github.com/anakinj))
+- Detached payload support for JWT::Token and JWT::EncodedToken [#630](https://github.com/jwt/ruby-jwt/pull/630) ([@anakinj](https://github.com/anakinj))
+- Skip decoding payload if b64 header is present and false [#631](https://github.com/jwt/ruby-jwt/pull/631) ([@anakinj](https://github.com/anakinj))
+- Remove a few custom Rubocop configs [#638](https://github.com/jwt/ruby-jwt/pull/638) ([@anakinj](https://github.com/anakinj))
+**Fixes and enhancements:**
+- Deprecation warnings for deprecated methods and classes [#629](https://github.com/jwt/ruby-jwt/pull/629) ([@anakinj](https://github.com/anakinj))
+- Improved documentation for public apis [#629](https://github.com/jwt/ruby-jwt/pull/629) ([@anakinj](https://github.com/anakinj))
+- Use correct methods when raising error during signing/verification with EdDSA [#633](https://github.com/jwt/ruby-jwt/pull/633)
+- Fix JWT::EncodedToken behavior with empty string as token [#640](https://github.com/jwt/ruby-jwt/pull/640) ([@ragalie](https://github.com/ragalie))
+- Deprecation warnings for rbnacl backed functionality [#641](https://github.com/jwt/ruby-jwt/pull/641) ([@anakinj](https://github.com/anakinj))
+## [v2.9.3](https://github.com/jwt/ruby-jwt/tree/v2.9.3) (2024-10-03)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.2...v2.9.3)
+**Fixes and enhancements:**
+- Return truthy value for `::JWT::ClaimsValidator#validate!` and `::JWT::Verify.verify_claims` [#628](https://github.com/jwt/ruby-jwt/pull/628) ([@anakinj](https://github.com/anakinj))
+## [v2.9.2](https://github.com/jwt/ruby-jwt/tree/v2.9.2) (2024-10-03)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.1...v2.9.2)
+**Features:**
+- Standalone claim verification interface [#626](https://github.com/jwt/ruby-jwt/pull/626) ([@anakinj](https://github.com/anakinj))
+**Fixes and enhancements:**
+- Updated README to correctly document `OpenSSL::HMAC` documentation [#617](https://github.com/jwt/ruby-jwt/pull/617) ([@aedryan](https://github.com/aedryan))
+- Verify JWT header format [#622](https://github.com/jwt/ruby-jwt/pull/622) ([@304](https://github.com/304))
+- Bring back `::JWT::ClaimsValidator`, `::JWT::Verify` and a few other removed interfaces for preserved backwards compatibility [#624](https://github.com/jwt/ruby-jwt/pull/624) ([@anakinj](https://github.com/anakinj))
+## [v2.9.1](https://github.com/jwt/ruby-jwt/tree/v2.9.1) (2024-09-23)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.9.0...v2.9.1)
+**Fixes and enhancements:**
+- Fix regression in `iss` and `aud` claim validation [#619](https://github.com/jwt/ruby-jwt/pull/619) ([@anakinj](https://github.com/anakinj))
+## [v2.9.0](https://github.com/jwt/ruby-jwt/tree/v2.9.0) (2024-09-15)
+[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.8.2...v2.9.0)
+**Features:**
+- Build and push gem using a GH action [#612](https://github.com/jwt/ruby-jwt/pull/612) ([@anakinj](https://github.com/anakinj))
+**Fixes and enhancements:**
+- Refactor claim validators into their own classes [#605](https://github.com/jwt/ruby-jwt/pull/605) ([@anakinj](https://github.com/anakinj), [@MatteoPierro](https://github.com/MatteoPierro))
+- Allow extending available algorithms [#607](https://github.com/jwt/ruby-jwt/pull/607) ([@anakinj](https://github.com/anakinj))
+- Do not include the EdDSA algorithm if rbnacl not available [#613](https://github.com/jwt/ruby-jwt/pull/613) ([@anakinj](https://github.com/anakinj))
 ## [v2.8.2](https://github.com/jwt/ruby-jwt/tree/v2.8.2) (2024-06-18)
 [Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.8.1...v2.8.2)