-
Notifications
You must be signed in to change notification settings - Fork 323
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v5
Pre-Release
#234
Merged
v5
Pre-Release
#234
Commits on Dec 9, 2022
-
This commit serves as the basis for further `v5` developments. It will introduce some API-breaking changes, especially to the way tokens are validated. This will allow us to provide some long-wanted features with regards to the validation API. We are aiming to do this as smoothly as possible, however, with any major version. please expect that you might need to adapt your code. The actual development will be done in the course of the next week, if time permits. It will be done in seperate PRs that will use this PR as a base. Afterwards, we will probably merge this and release an initial 5.0.0-alpha1 or similar.
Configuration menu - View commit details
-
Copy full SHA for a90858a - Browse repository at this point
Copy the full SHA a90858aView commit details -
Remove
StandardClaims
in favor ofRegisteredClaims
(#235)This PR removes the old legacy standard claims, which have been deprecated since the beginning of the `v4` module in favor of the newer `RegisteredClaims`. Removing them before any further changes to the validation API is quite useful, as less code needs to be adapated.
Configuration menu - View commit details
-
Copy full SHA for 6e66008 - Browse repository at this point
Copy the full SHA 6e66008View commit details -
* New Validation API Some guidelines in designing the new validation API * Previously, the `Valid` method was placed on the claim, which was always not entirely semantically correct, since the validity is concerning the token, not the claims. Although the validity of the token is based on the processing of the claims (such as `exp`). Therefore, the function `Valid` was removed from the `Claims` interface and the single canonical way to retrieve the validity of the token is to retrieve the `Valid` property of the `Token` struct. * The previous fact was enhanced by the fact that most claims implementations had additional exported `VerifyXXX` functions, which are now removed * All validation errors should be comparable with `errors.Is` to determine, why a particular validation has failed * Developers want to adjust validation options. Popular options include: * Leeway when processing exp, nbf, iat * Not verifying `iat`, since this is actually just an informational claim. When purely looking at the standard, this should probably the default * Verifying `aud` by default, which actually the standard sort of demands. We need to see how strong we want to enforce this * Developers want to create their own claim types, mostly by embedding one of the existing types such as `RegisteredClaims`. * Sometimes there is the need to further tweak the validation of a token by checking the value of a custom claim. Previously, this was possibly by overriding `Valid`. However, this was error-prone, e.g., if the original `Valid` was not called. Therefore, we should provide an easy way for *additional* checks, without by-passing the necessary validations This leads to the following two major changes: * The `Claims` interface now represents a set of functions that return the mandatory claims represented in a token, rather than just a `Valid` function. This is also more semantically correct. * All validation tasks are offloaded to a new (optional) `validator`, which can also be configured with appropriate options. If no custom validator was supplied, a default one is used. Co-authored-by: Micah Parks <66095735+MicahParks@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 1ef0fe8 - Browse repository at this point
Copy the full SHA 1ef0fe8View commit details
Commits on Feb 9, 2023
-
Cleanup and documentation of verification functions (#262)
This PR adds further documentation to the validator and does an additional cleanup to make the VerifyXXX functions more managable.
Configuration menu - View commit details
-
Copy full SHA for 3a9ee81 - Browse repository at this point
Copy the full SHA 3a9ee81View commit details
Commits on Feb 19, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 66e2e01 - Browse repository at this point
Copy the full SHA 66e2e01View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1e16f55 - Browse repository at this point
Copy the full SHA 1e16f55View commit details -
Co-authored-by: Michael Fridman <mf192@icloud.com>
Configuration menu - View commit details
-
Copy full SHA for 8144967 - Browse repository at this point
Copy the full SHA 8144967View commit details
Commits on Feb 20, 2023
-
Configuration menu - View commit details
-
Copy full SHA for fa7a12b - Browse repository at this point
Copy the full SHA fa7a12bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 57662e5 - Browse repository at this point
Copy the full SHA 57662e5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4e6e1ba - Browse repository at this point
Copy the full SHA 4e6e1baView commit details
Commits on Feb 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 28dc523 - Browse repository at this point
Copy the full SHA 28dc523View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5dc3299 - Browse repository at this point
Copy the full SHA 5dc3299View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.