Skip to content

Latest commit

 

History

History
200 lines (131 loc) · 9.52 KB

CHANGELOG.md

File metadata and controls

200 lines (131 loc) · 9.52 KB

Change Log

v2.2.2 (2024-08-23)

Full Changelog

Security

v2.2.1 (2024-01-22)

Full Changelog

Security

v2.2.0 (2023-12-01)

Full Changelog

Added

Changed

  • ESD-32688: Improve locking and blocking associated with key retrieval #225 (ewanharris)
  • Replace deprecated pkg/errors in favor of Go's standard library #189 (molaga)
  • Replace square/go-jose with go-jose/go-jose #188 (sergiught)
  • Fail to instantiate validator when audience is an empty string #183 (sergiught)

v2.1.0 (2022-11-02)

Full Changelog

Added

  • Allow setting a custom http.Client on the jwks.Provider (#151)
  • Add example tests (#157)
  • Add example for the gin web framework (#175)

Fixed

  • Fix CookieTokenExtractor to not throw error when no cookie present (#172)
  • Fix panic threat when using type-cast for customClaims in validator (#165)
  • Fix authentication error when setting multiple audiences on validator (#176)

v2.0.1 (2022-03-21)

Full Changelog

Security

  • Update Crypto dependency (#146)

v2.0.0 (2022-01-19)

Full Changelog

BEFORE YOU UPGRADE

  • This is a major release that includes breaking changes. Please see MIGRATION_GUIDE before upgrading. This release will require changes to your application.

Added

  • Use github.com/pkg/errors (#98)
  • Add a migration guide (#99)
  • Add cookie token extractor (#93, #63)
  • Add token validator using square/go-jose.v2 (#84, #81, #79, #74, #53)
  • Add allowed signing algorithms in validator (#128)
  • Add issuer and audience as required params in validator (#119)
  • Add support for jwks

Changed

  • Update docs (#72)
  • Reorganize imports across the project
  • Reorder fields to use less memory
  • Split jwtmiddleware into multiple files

Breaking

  • Simplify JWT library functionality into an interface (#77)
  • Rename Claims to RegisteredClaims in validator pkg
  • Refactor main middleware (#90, #51, #51)
  • Write back error messages on DefaultErrorHandler

Fixed

  • Fix code smells and code style

v2.0.0-beta.1 (2022-01-06)

Full Changelog

Changed

  • Improved how we pass CustomClaims to Validator for concurrent scenarios (#134)

v2.0.0-beta (2021-12-08)

Full Changelog

BEFORE YOU UPGRADE

  • This is a major release that includes breaking changes. Please see MIGRATION_GUIDE before upgrading. This release will require changes to your application.

Added

  • Use github.com/pkg/errors (#98)
  • Add a migration guide (#99)
  • Add cookie token extractor (#93, #63)
  • Add token validator using square/go-jose.v2 (#84, #81, #79, #74, #53)
  • Add allowed signing algorithms in validator (#128)
  • Add issuer and audience as required params in validator (#119)
  • Add support for jwks

Changed

  • Update docs (#72)
  • Reorganize imports across the project
  • Reorder fields to use less memory
  • Split jwtmiddleware into multiple files

Breaking

  • Simplify JWT library functionality into an interface (#77)
  • Rename Claims to RegisteredClaims in validator pkg
  • Refactor main middleware (#90, #51, #51)
  • Write back error messages on DefaultErrorHandler

Fixed

  • Fix code smells and code style

v1.0.1 (2021-06-21)

Full Changelog

Added

  • Add .github Setup (#85)

Changed

  • Update how to handle jwtMiddleware in Martini (#78)
  • Isolate example-only dependencies (#94)

Fixed

  • Fix broken blog link (#83)

v1.0.0 (2021-01-06)

Added

  • Add algorithm check as option
  • Wrap errors with %w instead of %v (#68)
  • Use builtin request context
  • Support Go modules (#65)
  • Add a simple function for logging
  • Add ability to disable auth for preflight requests
  • Add JWT Middleware for Go
  • Add valid check
  • Add a bunch of different ways to extract a token from a request
  • Add additional documentation
  • Add Martini example
  • Add a test case using negroni

Changed

  • Update FromAuthHeader to use strings.Fields instead of splitting strings by space to make parsing logic more robust (#11)
  • Replace "github.com/codegangsta/negroni" (#32)
  • Reformat examples to use new Claims type (#57)
  • Refactor code to use logf method
  • Disabling auth on OPTIONS now default behavior
  • Basic cleanups for golint (#56)

Fixed

  • Fix CredentialsOptional flag being ignored
  • Fix the examples

Security

  • Update jwt-go to v4 to address CVE-2020-26160 (#69)