go-paseto

Alpha release of v2.0.0. Adds support for custom token types to be used, so that users of this library can manually manage (de)serialisation of token claims and footer.

What's Changed

• Add support for custom token types through generics by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/39

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.5.2...v2.0.0-alpha

What's Changed

• Bump golang.org/x/crypto from 0.11.0 to 0.17.0 by @dependabot in https://github.com/aidantwoods/go-paseto/pull/50

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.5.1...v1.5.2

What's Changed

• Use json.RawMessage to delay serialisation/deserialisation by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/48

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.5.0...v1.5.1

What's Changed

• Add constructors to allow constructing keys from standard Go objects by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/43
• Update dependencies by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/45

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.4.0...v1.5.0

This is an fairly large internal change around how results + errors are being represented. There should be no change to any consumer facing behaviour from the public API perspective.

What's Changed

• doc: update README by @Claude-Zq in https://github.com/aidantwoods/go-paseto/pull/26
• Result type by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/19
• No longer force unwrap footer result by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/41

New Contributors

• @Claude-Zq made their first contribution in https://github.com/aidantwoods/go-paseto/pull/26

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.3.0...v1.3.1

What's Changed

• Raise min permitted version of Go to 1.18 by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/23
• Bump yaml dependency by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/24

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.2.1...v1.3.0

What's Changed

• Create SECURITY.md by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/17
• Only run push trigger for main by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/18
• Add pkg description by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/20
• Update deps and notice about Go version support by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/21

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.2.0...v1.2.1

What's Changed

• Update ci.yml by @ilyabrin in https://github.com/aidantwoods/go-paseto/pull/9
• Validate ed25519 private keys during import by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/8
• Add sentinel error types by @aidantwoods in https://github.com/aidantwoods/go-paseto/pull/12

New Contributors

• @ilyabrin made their first contribution in https://github.com/aidantwoods/go-paseto/pull/9

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.1.3...v1.2.0

Sentinel Errors

Introduces two specialisations on errors that may be returned: TokenError and RuleError. Note that some errors will still be returned by the library that are in neither of these specialisations, and so you should still fallback to general error handling (not assume one of these will always be returned).

A TokenError will be returned if the token is outright invalid in some way, whether that be due to formatting, a cryptographic issue, or some other issue which renders the token invalid.

A RuleError will be returned if a token fails one of the specified rules, but is otherwise valid (including cryptographically).

Distinguishing between these two error types is not mandatory: it is perfectly safe to just handle a general error without inspecting it. Being able to inspect an error may be useful for some use cases, for example if a different handling action is desired depending on whether the token was invalid or whether a rule failure occurred. Note that if you do look for one of these errors, you should additionally include code to handle general errors as a fallback: you should expect new errors that do not fall into either of these two categories to be returned in the future.

What's Changed

• Added new NotBeforeNbf rule, which can be used the check the current time is after or equal to the token's nbf claim.
• Clarified that NotExpired checks according to the time when the rule is run, not when the rule is created

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.1.2...v1.1.3

What's Changed

• Testing against update PASETO test vectors https://github.com/aidantwoods/go-paseto/pull/5
• Error messages are now slightly more helpful

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.1.1...v1.1.2

What's Changed

• Add feature to import/export keys as raw byte array by @suttod in https://github.com/aidantwoods/go-paseto/pull/2

New Contributors

• @suttod made their first contribution in https://github.com/aidantwoods/go-paseto/pull/2

Full Changelog: https://github.com/aidantwoods/go-paseto/compare/v1.1.0...v1.1.1

This minor release adds support for version 3 public of the PASETO spec.

Additional information: https://github.com/aidantwoods/go-paseto/pull/1

Version 1.0.1

• Documentation updates
• No longer export the Message type: this was added for consistency with the swift-paseto library, but I opted to simplify the API here considerably by not exporting the low level Paseto crypto operations. The Message type only really makes sense when using those low level operations.

Version 1 stable release!

Support for common claims validators, full support for v2 and v4, and partial support for v3. Full support for v3 expected to be added in a later feature release.