All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Add support for issue claim (56)
- Support asymmetric algorithms (40)
- Support ruby 3.0 and deprecate 2.5
- Fixed dry-configurable compatibility. (28)
- Fixed dry-configurable compatibility. (28)
- Lock dry-configurable dependency to fix upstream regression. (21)
- Fix ruby 2.7 warnings (@trevorrjohn 23 )
- Upgrade dry-configurable dependency to fix upstream bug preventing warden-jwt_auth to be loaded (21).
- Allow configuration of the signing algorithm (19].
- Update depencies.
- Do not disallow fetching JWT scopes from session
- Do not log out from session for standard AJAX requests
- Check it is not a html request when disallowing fetching from session
- Do not couple
aud_headerenv value to the setting
- Ensure JWT scopes are not fetched from session. Workaround for wardencommunity/warden#118
- Add and call hook method
on_jwt_dispatchon user instance - Encode and validate an
audclaim from the request headers
- Allow configuring classes as strings
- Take
PATH_INFOas an empty string when it is not present
fail!with message
- Unauthorize when fetched user is nil
- Update
jwtdependency
- Coerce
subto string to conform with JWT specification
- Ignore expired tokens on revocation instead of fail
- Explicit require of
securerandomstandard library