3.1.6

Added support to take an ECPublicKey or RSAPublicKey object in addition to a PEM formatted key. Thanks to @EdMcBane for the suggestion.

3.1.5

Add explicit Jackson serializer configuration for ZonedDateTime fields in case anyone wants to serialize the object directly with a Jackson ObjectMapper.

3.1.4

Upgraded Jackson Core, Databind and Annotations to 2.10.0.

3.1.3

Upgraded Jackson Databind to 2.9.9.2. This upgrade addresses CVE-2019-14379, CVE-2019-14439 and CVE-2019-12814.

See https://nvd.nist.gov/vuln/detail/CVE-2019-14379
See https://nvd.nist.gov/vuln/detail/CVE-2019-14439
See https://nvd.nist.gov/vuln/detail/CVE-2019-12814

3.1.2

Upgraded Jackson Databind to 2.9.9.1. This upgrade addresses CVE-2019-12814.

3.1.1

Changes in 3.1.1

• Add .equals(), .hashCode() and .toString() to io.fusionauth.jwt.domain.Header

• Upgraded Jackson to 2.9.9. This upgrade addresses CVE-2019-12086.

  If you are unable to upgrade to 3.1.1, simply explicitly depend upon version 2.9.9 in your own application, this will be compatible with
  this library.

  See https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9
  See https://nvd.nist.gov/vuln/detail/CVE-2019-12086

3.1.0

Changes in 3.1.0

• Added Signer.getKid() with a default impl to throw UnsupportedOperationException(), this allows the JWTEncoder.encode to add a 'kid' by default. This makes it more consistent with the JWTDecoder.

3.0.4

Changes in 3.0.4

• Add PEM.encode(Certificate certificate) and PEMEncoder.encode(Certificate certificate)

3.0.3

Changes in 3.0.3

• Remove throws from OpenIDConnect utility methods

3.0.2

Changes in 3.0.2

• Add JWTUtils.decodePayload and decodeHeader as a utility to decode a JWT, this is an unsafe and should only be used for utility not to verify the JWT. Thanks @Ostico for the suggestion.