jwt-authorizer/CHANGELOG.md

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

0.7.0 (2023-02-14)

Changed

• Refresh configuration - simplification, minimal_refresh_interval removed (replaced by refresh_interval in KeyNotFound refresh strategy)

Added

• integration tests, unit tests

0.6.0 (2023-02-05)

Added

• JwtAuthorizer::from_oidc(issuer_uri) - building from oidc discovery page

Changed

• JwtAuthorizer::layer() becomes async

Minor Changes

• demo-server refactoring

0.5.0 - (2023-1-28)

Changed

• JwtAuthorizer creation simplified:
  • JwtAuthorizer::from_* creates an instance, new() is not necessary anymore
• with_check() renamed to check()

Added

• jwks store refresh configuration

Fixed

• claims extractor (JwtClaims) without authorizer should not panic, should send a 500 error

0.4.0 - (2023-1-21)

Added

• claims checker (stabilisation, tests, documentation)

Fixed

• added missing WWW-Authenticate header to errors

0.3.2 - (2023-1-18)

Fixed

• fix: when jwks store endpoint is unavailable response should be an error 500 (not 403)

0.3.1 - (2023-1-14)

Fixed

• fix: panicking when a bearer token is missing in protected request (be6bf9fb)

0.3.0 - (2023-1-13)

Added

• building the authorizer layer from rsa, ec, ed PEM files and from secret phrase (9bd99b2a)

0.2.0 - (2023-1-10)

Initial release