v2.4.0 (2022-05-03)
Implemented enhancements:
- Ensure presence of claims #244
- Support verifying signature signed using x5c header #59
- Add x5c header key finder #338 (bdewater)
Security fixes:
- Importing JWK then exporting results in different
kid#313
Closed issues:
- Is there a way to decode a ES256 encoded JWT with a root certificate but without a public key or a private key? #471
- Encode output with extra quote #469
- Please release new gem version #444
- HS512 signature verification fails for valid tokens #438
- ArgumentError: invalid base64 while calling JWT::JWK.import(hash) #361
- NoMethodError (undefined method `encode' for JsonWebToken:Module) #329
Merged pull requests:
- Fix RuboCop TODOs #476 (typhoon2099)
- Update note about supported JWK types #475 (dpashkevich)
- Make specific algorithms in README linkable #472 (milieu)
- Add tests for keyfinder logic to ensure the argument count does not matter #467 (anakinj)
- More tests for none token #466 (anakinj)
- Improve non algorithm tests #465 (anakinj)
- Bring back Ruby 2.5 support and CodeClimate coverage reports #464 (anakinj)
- Fix a little RuboCop issue #462 (anakinj)
- Fixes with latest RuboCop #459 (anakinj)
- Removed bundler-audit from codeclimate config #458 (anakinj)
- Updated rubocop to 1.23.0 #457 (anakinj)
- Add Ruby 3.1 to test matrix #456 (anakinj)
- Use Ruby built-in url-safe base64 methods #454 (bdewater)
- Stop running tests on EOL rubies. #453 (anakinj)
- Fix openssl gem version check to support versons greater than 3 #452 (anakinj)
- Readme: Typo fix re MissingRequiredClaim #451 (antonmorant)
- Fix for exception after mergeing #385 #450 (anakinj)
- Create CODE_OF_CONDUCT.md #449 (loic5)
- Allow regular expressions and procs to verify issuer #437 (rewritten)
- Add Support to be able to verify from multiple keys #425 (ritikesh)
- Define the secp256r1 curve #385 (anakinj)