All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Prevent strategy from running when the current path matches a dispatch request (60)
- Fix version mismatch
- Add support for issue claim (56)
- Support asymmetric algorithms (40)
- Support ruby 3.0 and deprecate 2.5
- Fixed dry-configurable compatibility. (28)
- Fixed dry-configurable compatibility. (28)
- Lock dry-configurable dependency to fix upstream regression. (21)
- Fix ruby 2.7 warnings (@trevorrjohn 23 )
- Upgrade dry-configurable dependency to fix upstream bug preventing warden-jwt_auth to be loaded (21).
- Allow configuration of the signing algorithm (19].
- Update depencies.
- Do not disallow fetching JWT scopes from session
- Do not log out from session for standard AJAX requests
- Check it is not a html request when disallowing fetching from session
- Do not couple
aud_header
env value to the setting
- Ensure JWT scopes are not fetched from session. Workaround for wardencommunity/warden#118
- Add and call hook method
on_jwt_dispatch
on user instance - Encode and validate an
aud
claim from the request headers
- Allow configuring classes as strings
- Take
PATH_INFO
as an empty string when it is not present
fail!
with message
- Unauthorize when fetched user is nil
- Update
jwt
dependency
- Coerce
sub
to string to conform with JWT specification
- Ignore expired tokens on revocation instead of fail
- Explicit require of
securerandom
standard library