Breaking changes
- removed all
Option
from API. Now, it's either nothing or a valid key. It shouldn't have a big impact since the majority of users were using valid keys already. - when decoding a token to a
Tuple3
, the last part representing the signature is now aString
rather than anOption[String]
.
New features
- full support for
SecretKey
for HMAC algorithms - full support for
PrivateKey
andPublicKey
for RSA and ECDSA algorithms - Nearly all API now have 4 possible signatures (note:
JwtAsymetricAlgorithm
is either a RSA or a ECDSA algorithm)method(...)
method(..., key: String, algorithm: JwtAlgorithm)
method(..., key: SecretKey, algorithm: JwtHmacAlgorithm)
method(..., key: PrivateKey/PublicKey, algorithm: JwtAsymetricAlgorithm)
Use PrivateKey
when encoding and PublicKey
when decoding or verifying.
Bug fixes
- Some ECDSA algorithms were extending the wrong super-type
{"algo":"none"}
header was incorrectly supported