10 KiB
10 KiB
Changelog
6.11.1 (2025-04-09)
Bug Fixes
6.11.0 (2025-01-23)
Features
Bug Fixes
6.10.2 (2024-11-24)
Bug Fixes
6.10.1 (2024-05-18)
Bug Fixes
- ensure ratelimit expiry is set every time (#556) (09cb208)
- ratelimit cache expiration (#550) (dda7250)
6.10.0 (2023-11-28)
Features
6.9.0 (2023-10-04)
Features
6.8.1 (2023-07-14)
Bug Fixes
- accept float claims but round down to ignore them (#492) (3936842)
- different BeforeValidException messages for nbf and iat (#526) (0a53cf2)
6.8.0 (2023-06-14)
Features
Bug Fixes
6.7.0 (2023-06-14)
Features
6.6.0 (2023-06-13)
Features
Bug Fixes
6.5.0 (2023-05-12)
Bug Fixes
Miscellaneous Chores
- drop support for PHP 7.3 (#495)
6.4.0 (2023-02-08)
Features
- add support for W3C ES256K (#462) (213924f)
- improve caching by only decoding jwks when necessary (#486) (78d3ed1)
6.3.2 (2022-11-01)
Bug Fixes
- check kid before using as array index (bad1b04)
6.3.1 (2022-11-01)
Bug Fixes
- casing of GET for PSR compat (#451) (60b52b7)
- string interpolation format for php 8.2 (#446) (2e07d8a)
6.3.0 / 2022-07-15
- Added ES256 support to JWK parsing (#399)
- Fixed potential caching error in
CachedKeySetby caching jwks as strings (#435)
6.2.0 / 2022-05-14
6.1.0 / 2022-03-23
- Drop support for PHP 5.3, 5.4, 5.5, 5.6, and 7.0
- Add parameter typing and return types where possible
6.0.0 / 2022-01-24
- Backwards-Compatibility Breaking Changes: See the Release Notes for more information.
- New Key object to prevent key/algorithm type confusion (#365)
- Add JWK support (#273)
- Add ES256 support (#256)
- Add ES384 support (#324)
- Add Ed25519 support (#343)
5.0.0 / 2017-06-26
- Support RS384 and RS512. See #117. Thanks @joostfaassen!
- Add an example for RS256 openssl. See #125. Thanks @akeeman!
- Detect invalid Base64 encoding in signature. See #162. Thanks @psignoret!
- Update
JWT::verifyto handle OpenSSL errors. See #159. Thanks @bshaffer! - Add
arraytype hinting todecodemethod See #101. Thanks @hywak! - Add all JSON error types. See #110. Thanks @gbalduzzi!
- Bugfix 'kid' not in given key list. See #129. Thanks @stampycode!
- Miscellaneous cleanup, documentation and test fixes. See #107, #115, #160, #161, and #165. Thanks @akeeman, @chinedufn, and @bshaffer!
4.0.0 / 2016-07-17
- Add support for late static binding. See #88 for details. Thanks to @chappy84!
- Use static
$timestampinstead oftime()to improve unit testing. See #93 for details. Thanks to @josephmcdermott! - Fixes to exceptions classes. See #81 for details. Thanks to @Maks3w!
- Fixes to PHPDoc. See #76 for details. Thanks to @akeeman!
3.0.0 / 2015-07-22
- Minimum PHP version updated from
5.2.0to5.3.0. - Add
\Firebase\JWTnamespace. See #59 for details. Thanks to @Dashron! - Require a non-empty key to decode and verify a JWT. See #60 for details. Thanks to @sjones608!
- Cleaner documentation blocks in the code. See #62 for details. Thanks to @johanderuijter!
2.2.0 / 2015-06-22
- Add support for adding custom, optional JWT headers to
JWT::encode(). See #53 for details. Thanks to @mcocaro!
2.1.0 / 2015-05-20
- Add support for adding a leeway to
JWT:decode()that accounts for clock skew between signing and verifying entities. Thanks to @lcabral! - Add support for passing an object implementing the
ArrayAccessinterface for$keysargument inJWT::decode(). Thanks to @aztech-dev!
2.0.0 / 2015-04-01
- Note: It is strongly recommended that you update to > v2.0.0 to address known security vulnerabilities in prior versions when both symmetric and asymmetric keys are used together.
- Update signature for
JWT::decode(...)to require an array of supported algorithms to use when verifying token signatures.