jwt-scala

• #270 now easier to pass you own Clock to Jwt - before that the system clock was always used. To use your own clock, use Jwt(clock) instead of just Jwt (and the equivalent for json libraries).

This break binary compatibility (hence the major version) because the signature of the traits and object is no longer the same, however for most users there should be no change required to your source code to compile with this new version.

Updated libraries:

• json4s to 4.0.3
• upickle to 1.4.0
• argonaut to 6.3.6

All json4s-related artifacts are now published for Scala 3. Additionally, we're using the *-core dependencies for json4s artifacts. If you were relying on ScalaJWT to bring you the full json4s-native or json4s-jackson you might need to add the dependency explicitely.

• Fix: allow dashes in subject #249

• Update to Circe 0.14.1

Changes

• Update json4s to version 4.0.0
• Update circe to version 0.14.0
• Publish the circe module for Scala 3

Remarks

• The major version bump is due to a binary compatibility break on json4s. This version is binary compatible with 7.x for all other modules, and the API of JWT Scala itself is unchanged.

• Support for Scala 3.0.0 (only for core, upickle and argonaut)
• Updated upickle to 1.3.14

• Upgrade to Scala 3.0.0-RC3
• Upgrade upickle to 1.3.12

Note that Scala 3 is available only for core, upickle and Argonaut. Other libraries didn't release a stable version for Scala 3 yet.

• Update upickle to 1.3.11
• Publish for Scala 3.0.0-RC2 (core and upickle only)

• Update upickle to v1.3.8

This release is mostly the same as v7.1.0, except it's published for Scala 3.0.0-RC1 for the libraries that support it.

• jwt-core, jwt-argonaut and jwt-upickle are now available for Scala 3.0.0-RC1 in addition to Scala 2.12 and 2.13.
• Support for other Json libraries will be added as they publish a stable version against Scala 3

New features

• Support for Ed25519 (thanks @ggrossman!) #192

This is a major release because of the typo fix (renaming JwtUnknownAlgorithm) that breaks binary compatibility.

It shouldn't be an issue for most users as it's mostly used internally, but it's publicly exposed so technically binary compatibility is broken.

• Update json4s to 3.6.11 (#181)
• Update uPickle to 1.3.0 (#186)
• Fix a typo in JwtUnknownAlgorithm #182

Important: the groupId changed from fr.pauldijou to com.github.jwt-scala,
so you need to update your dependencies:

libraryDependencies += "com.github.jwt-scala" %% "<artifact>" % "6.0.0"

• Upgrade Play to 2.8.7
• Upgrade Play Json to 2.9.2
• Upgrade uPickle to 1.2.3
• Upgrade Argonaut to 6.3.3
• Upgrade Bouncycastle to 1.68
• Drop support for Scala 2.11

• Make JwtException a proper exception (thanks @tpolecat)
• Update SBT and Scala version (thanks @erwan)
• Improve string splitting performance (thanks @jfosback)
• Breaking (a little): JwtSession should always have an expiration now if you have set a play.http.session.maxAge. Before, a few ways to create the session would forget to add it.
• Breaking (also a little): calling refreshJwtSession on a Play Result will now truly refresh and set a session if there was one to begin with. Before, it would always set a session with an expiration even if there was nothing.
• Breaking (maybe, maybe not, unsure): renamed KeyFactory algorithm from "ECDSA" to "EC" to better comply with Java Security Standard Algorithm Names, this might impact curve names, check ParameterSpec Names if you are impacted.

• Add support for asymmetric algorithms for Play framerwork (thanks @Bangalor)
• Upgrade Circe to 0.13.0 (thanks @howyp)
• Upgrade Play and play-json to 2.8.0
• Upgrade upickle to 0.9.5

• No longer fail on unknown algorithm when signature is false on options (thanks @Baccata)
• Upgrade upickle to 0.8.0 (thanks @vic)

• Upgrade to Circe 0.12.1 (thanks @erwan)

This is not really a breaking change release but I did some small adjustements that might break in very specific cases so not taking chances.

• Support Scala 2.13 for Play framework.
• Revert Circe to 0.11.1. After consideration, it was probably a mistake to use a Release Candidate version, I should stick to official stable releases.
• Fix an issue in Jwt pure Scala implementation around regexp. Again, try not to use this one, mostly for tests and demos.
• Fix examples.

• If claim.audience is only one item, it will be stringified as a simple string compared to an array if several values. (thanks @msinton)

• Fix support for Java 8. (thanks @brakthehack)
• Improve support for Scala 2.13. (thanks @erwan)