Releases: FusionAuth/fusionauth-jwt
Releases · FusionAuth/fusionauth-jwt
3.6.0
Changes in 3.6.0
- Add the x5c to the JSON Web Key Builder
- When provided, use the x5c JSON Web Key property to verify the public key modulus and exponent.
- Improve KeyUtils.getKeyLength to report the correct key length for some EC keys.
- Add support for clock skew in the JWT Decoder. See JWTDecoder.withClockSkew.
- Add TimeMachineJWTDecoder to support adjusting 'now' which may be helpful in tests to verify old JWTs.
3.5.3
Add JWK Thumbprint with SHA-1 and SHA-256.
3.5.2
Fix JSON Web Key parsing, use kty instead of alg.
3.5.1
Added HMAC time constant equality.
3.5.0
Add support for RSA PSS algorithms, PS256, PS384 and PS512.
3.4.0
Add JSON Web Key Set helpers to download keys from JWKS endpoints. See JSONWebKeySetHelper.
3.3.1
Add static method on JSONWebKey to use new JSONWebKeyParser class.
3.3.0
Add JSONWebKeyParser to extract public keys from a JSON Web key. This allows you to build JWT verifiers from publicly available JWKS endpoints.
3.2.0
Add new HMAC signer methods to take bytes.
3.1.7
Added support for providing your own crypto provider. This allows you to use BC FIPS, or other JCE security provider if you wish.
