yogsototh/clj-jwt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
57 commits 1 branch 2 tags 110 KiB
Commit graph

57 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yann Esposito (Yogsototh)
a4791edd8f
snapshot version bump 2020-02-01 10:50:15 +01:00
Yann Esposito (Yogsototh)
fa77010c8a
Version 0.3.0 2020-01-31 16:47:01 +01:00
Yann Esposito (Yogsototh)
0231fa995f
bump version 2020-01-31 16:46:42 +01:00
Yann Esposito
58af18cc00
Merge pull request #1 from gbuisson/set-kid 
Allow Signing the JWT setting the kid
 2020-01-31 16:36:39 +01:00
Guillaume Buisson
60cfa068c1
set kid when signing with a key, allow setting the value 2020-01-31 16:32:39 +01:00
Yann Esposito (Yogsototh)
9086f25609
gitlab_message 2019-04-23 12:23:16 +02:00
Yann Esposito (Yogsototh)
7f0c50188d
bumped to snapshot 2018-02-28 13:10:03 +01:00
Yann Esposito (Yogsototh)
062e9ceebe
changed README 2018-02-28 13:09:28 +01:00
Yann Esposito (Yogsototh)
d72551f1b9
changed homepage 2018-02-28 13:06:18 +01:00
Yann Esposito (Yogsototh)
4f2e8f9065
bump version 2018-02-09 15:40:03 +01:00
Yann Esposito (Yogsototh)
109444f567
use long, 2038 is too close 2018-02-09 15:15:36 +01:00
Yann Esposito (Yogsototh)
c626817e1a
version bump 2018-02-06 13:00:20 +01:00
Yann Esposito (Yogsototh)
08f3f69909
fix strings in key map portability 2018-02-06 11:17:12 +01:00
liquidz
8a33982450 Merge branch 'jonasabreu-consistent-verification' #20 2015-09-18 22:29:06 +09:00
liquidz
8d4778a20a #20 rename signed-data to encoded-data 2015-09-18 22:24:41 +09:00
Jonas Abreu
2f27f553fd use the same data to sign and verify signature 2015-09-17 14:56:41 -03:00
liquidz
0c139bbd9e see #18 Merge branch 'puppetlabs-bc-150-upgrade' 2015-06-30 20:36:04 +09:00
liquidz
7e9895a092 #18 use bcpkix-jdk15on 1.52 instead of 1.50 2015-06-30 20:35:25 +09:00
Ryan Senior
e13b665c1b Upgraded to Bouncy Castle 1.50 and removed direct calls to addProvider 2015-06-29 08:41:02 -05:00
liquidz
284727d150 see #14 Add decoding token sample to README 2015-05-02 14:50:33 +09:00
liquidz
fdaa2c60d1 see #13 add tests and update readme 2015-04-02 20:39:21 +09:00
liquidz
f0cf0d19b3 see #13 update data.json dependency 2015-04-02 07:40:58 +09:00
liquidz
63f80fb453 see #13 add optional paramter that specifies algorithm to verify function 2015-04-02 07:38:32 +09:00
Masashi Iizuka
eb9a202a1d Merge pull request #11 from liquidz/bugfix 
#10 bugfix: public-key-from-string on invalid key string
 2015-02-26 07:46:07 +09:00
liquidz
d65835283b #10 bugfix: public-key-from-string on invalid key string 2015-02-26 07:43:08 +09:00
liquidz
b2ee035c64 see #9 ver up 2014-09-15 23:24:35 +09:00
liquidz
e48d4b39e2 see #9 Merge branch 'ShaneKilkelly-master' 2014-09-15 23:24:02 +09:00
liquidz
63244e4330 see #9 code refinement 2014-09-15 23:22:48 +09:00
liquidz
9da81ace39 see #9 Merge branch 'master' of https://github.com/ShaneKilkelly/clj-jwt into ShaneKilkelly-master 2014-09-15 23:17:17 +09:00
Shane Kilkelly
d07210c4d1 Validating an unsigned token with a key should be false. 
If the token supplied to the `verify` function is has a signature which
is an empty-string, the key is ignored, presuming that the token is
unsigned and that the calling code is not interested in ensuring the
token has been signed.

If the calling code is trying to verify that the token was signed with
their secret key, it is possible for a completely unsigned token to be
accepted as valid.

This patch adds a check to ensure that if the token is unsigned, but a
non-empty key was supplied to `validate`, then the token is considered
to not be valid.
 2014-09-13 17:23:53 +01:00
liquidz
289a9901f7 see #7 Use refer instead of as 2014-09-01 07:31:43 +09:00
liquidz
637f871105 see #7 Merge branch 'aew-master' 2014-09-01 07:28:14 +09:00
Edward Wible
8e6be13652 Use a constant time equality check for HMAC signature verification 2014-08-30 15:36:51 -03:00
liquidz
96e515d257 inc version 2014-08-11 07:40:42 +09:00
liquidz
0360e9f950 update dependencies 2014-08-11 07:40:28 +09:00
liquidz
78bc74cff3 #5 bug fix: handling string key problem 2014-06-19 21:54:25 +09:00
liquidz
c611871156 #5 bug fix for claims containing string key 2014-06-18 22:24:16 +09:00
liquidz
fc1ae52a92 see add clj-jwt.intdate which convert joda-time and IntDate value each other 2014-04-20 18:34:15 +09:00
liquidz
f6ee1dd2c6 update for clojure 1.6.0 2014-04-19 21:21:35 +09:00
Masashi Iizuka
a17fe62662 Merge pull request #3 from bobby/master 
Upgrade to version 0.0.4
 2013-10-17 07:07:09 -07:00
Relevance Pair
42e72421d6 Upgrade to version 0.0.4 2013-10-17 09:58:39 -04:00
liquidz
adbfeaa3c2 #2 fix :iat type in tests 2013-08-09 23:50:41 +09:00
Tobias Steiner
c0190d1b13 Fix :iat typo 2013-08-09 15:27:53 +02:00
liquidz
eefbad3d55 add key.public-key-from-string to get public key from String 2013-07-25 21:48:27 +09:00
liquidz
87e0f0ca06 update 2013-05-06 01:29:00 +09:00
liquidz
a8f960ac45 update README 2013-05-06 01:27:03 +09:00
liquidz
a17f6f3623 support ECDSA algorithm 2013-05-06 01:26:11 +09:00
liquidz
858be1122b fix clj-jwt.rsa.key-test 2013-05-03 13:31:03 +09:00
Masashi Iizuka
0d20e1c449 Update README.md 2013-05-03 01:15:27 +09:00
Masashi Iizuka
d55c6bf981 Update README.md 2013-05-03 01:04:34 +09:00