jwt-scala

• Update to Circe 0.5.0

• Update to Circe 0.4.1
• audience is now Set[String] rather than just String inside Claim according to JWT spec. API using String still available.
• Use org.bouncycastle.util.Arrays.constantTimeAreEqual to check signature rather than home made function.
• Remove Play Legacy since Play 2.5+ only supports Java 1.8+

Add leeway support in JwtOptions

Support for Circe 0.3.0

Support for Play Framework 2.5.0

Fix bug not-escaping quotation mark " when stringifying JSON.

Circe support

Thanks to @dwhitney , JWT Scala now has support for Circe. Check out samples and Scaladoc.

Disable validation

When decoding, JWT Scala also performs validation. If you need to decode an invalid token, you can now use a JwtOptions as the last argument of any decoding function to disable validation checks like expiration, notBefore and signature. Read the Options section of the core sample to know more.

Fix null session in Play 2.4

Since 2.4, Play assign null as default value for some configuration keys which throw a ConfigException.Null in TypeSafe config lib. This should be fixed with the new configuration system at some point in the future. In the mean time, all calls reading the configuration will be wrapped in a try/catch to prevent that.

Fix tricky bug inside all JSON libs not supporting correctly the none algorithm.

Thanks a lot to @drbild for helping review the code around security vulnerabilities.

Now on Maven

All the sub-projects are now released directly on Maven Central. Since Sonatype didn't accept pdi as the groupId, I had to change it to com.pauldijou. Sorry about that, you will need to quickly update your build.sbt (or whatever file contains your dependencies).

Breaking changes

Good news Those changes don't impact the jwt-play lib, only low level APIs.

All decoding and validating methods with a key: String are now removed for security reasons. Please use their counterpart which now needs a 3rd argument corresponding to the list of algorithms that the token can be signed with. This list cannot mix HMAC and asymetric algorithms (like RSA or ECDSA). This is to prevent a server using RSA with a String key to receive a forged token signed with a HMAC algorithm and the RSA public key to be accepted using the same RSA public key as the HMAC secret key by default. You can learn more by reading this article.

// Before
val claim = Jwt.decode(token, key)

// After (knowing that you only expect a HMAC 256)
val claim = Jwt.decode(token, key, Seq(JwtAlgorithm.HS256))
// After (supporting all HMAC algorithms)
val claim = Jwt.decode(token, key, JwtAlgorithm.allHmac)

If you are using SecretKey or PublicKey, the list of algorithms is optional and will be automatically computed (using JwtAlgorithm.allHmac and JwtAlgorithm.allAsymetric respesctively) but feel free to provide you own list if you want to restrict the possible algorithms. More security never killed any web application.

Why not deprecate them? I considered doing that but I decided to enforce the security fix. I'm pretty sure that most people only use one HMAC algorithm with a String key and it will force them to edit their code but it should be a minor edit since you usually only decode tokens once or twice inside a code base. The fact that the project is still very new and at a 0.x version played in the decision.

Fixes

Fix a security vulnerability around timing attacks.

Features

Add implicit class to convert JwtHeader and JwtClaim to JsValue or JValue. See examples for Play JSON or examples for Json4s.

// Play JSON
JwtHeader(JwtAlgorithm.HS256).toJsValue
JwtClaim().by("me").to("you").about("something").issuedNow.startsNow.expiresIn(15).toJsValue

// Json4s
JwtHeader(JwtAlgorithm.HS256).toJValue
JwtClaim().by("me").to("you").about("something").issuedNow.startsNow.expiresIn(15).toJValue

Same as 0.4.0 but targeting Play 2.3

Breaking changes

• move exceptions to their own package
• move algorithms to their own package

Features

• support Play 2.4.0

Breaking changes

• removed all Option from API. Now, it's either nothing or a valid key. It shouldn't have a big impact since the majority of users were using valid keys already.
• when decoding a token to a Tuple3, the last part representing the signature is now a String rather than an Option[String].

New features

• full support for SecretKey for HMAC algorithms
• full support for PrivateKey and PublicKey for RSA and ECDSA algorithms
• Nearly all API now have 4 possible signatures (note: JwtAsymetricAlgorithm is either a RSA or a ECDSA algorithm)
  • method(...)
  • method(..., key: String, algorithm: JwtAlgorithm)
  • method(..., key: SecretKey, algorithm: JwtHmacAlgorithm)
  • method(..., key: PrivateKey/PublicKey, algorithm: JwtAsymetricAlgorithm)

Use PrivateKey when encoding and PublicKey when decoding or verifying.

Bug fixes

• Some ECDSA algorithms were extending the wrong super-type
• {"algo":"none"} header was incorrectly supported

No code change from 0.0.6, just more doc and tests.

Add support for Json4s (both Native and Jackson implementations)

We should be API ready. Just need more tests and scaladoc before production ready.