Releases: nats-io/jwt
Releases · nats-io/jwt
v2.5.0
v2.4.1
v2.4.0
What's Changed
- [FEAT] added support for external authorization for accounts. by @derekcollison in #179, #180, #185, #186,
- [FIX] added validation requiring auth user when auth accounts are listed by @aricart in #181
- [UPDATE] Some Updates by @derekcollison in #183
- [FEAT] Xkeys support by @derekcollison in #182
- [CHORE] migrate ci to gha by @aricart in #191
- [FIX] added additional scrutiny to DidSign in the case of signing keys by @aricart in #190
- [FIX] overhaul jwt v2 and v1 inter-tangling by @philpennock in #195
- [FIX] Simplify AuthorizationResponse by @aricart in #189
- [BUMP] version for imminent release: 2.4.0 by @philpennock in #196
Full Changelog: v2.3.0...v2.4.0
Release v2.3.0
Changelog
The repository master
branch has been renamed to main
. If you have a fork or a local copy of the repository, you would have to perform the following git operations:
git checkout master
git branch -m master main
git fetch origin
git remote set-head origin -a
Added
IssueUserJWT()
takes an account scoped signing key, account id, and use public key (and optionally a user's name, an expiration duration and tags) and returns a valid signed JWT. See the following ADR for more information (#163)JetStreamLimits.MaxBytesRequired
: a boolean to indicate thatmax_bytes
is required for all streams created under an account (#164)AccountClaims.Limits.JetStreamTieredLimits
: which is a map ofJetStreamLimits
where the key is the tier, for example "R1", "R3", etc.. (#169)JetStreamLimits.MemoryMaxstreamBytes
andJetStreamLimits.DiskMaxstreamBytes
: to limit the maximum value for max bytes for memory and disk (#172)JetStreamLimits.MaxAckPending
: to limit the number of MaxAckPending on a consumer (#174)AccountLimits.DisallowBearer
: to reject connections from user JWTs that have the bearer token boolean set to true (#177)
Fixed
Activation
's validation error text: was reportinginvalid export type
instead ofinvalid import type
(#176)
Complete Changes
Release v2.2.0
Changelog
Added
- Two new connection types,
LEAFNODE_WS
andMQTT_WS
(not yet supported in the NATS Server, but will be in the near future). If the administrator wants to restrict a configured user to a leaf node connection (websocket or not) but not as a standard user (a client application), the previous existing connection types would not allow it. Having onlyLEAFNODE
would not deny LeafNode connection over websocket, and addingWEBSOCKET
would then allow client applications to connect to the client websocket port (#161)
Fixed
- Decoding of signing keys would return a
nil
map instead of the actual signing keys (#160)
Complete Changes
Release v2.1.0
Release v2.0.3
Release v2.0.2
Changelog
Fixed
- Regular expression to accept EOF/newline at the end of the decoration (#151)
Complete Changes
Release v2.0.1
Changelog
Fixed
- Import validation to return error when token are in the wrong context (#149)
Complete Changes
Release v2.0.0
Changelog
Added
- Information link and description to account and export (#122)
- Ability to specify headers for latency tracking (#125)
- Ability to have wildcards export/imports (#131)
- Roles for signing keys (#129)
- Generic claims can now have custom types (#132)
Keys()
function toSigningKeys
which returns all signing keys in the account (#134)- New field
LocalSubject
to rename the remote subject (#137) - Accessor to read
To
without deprecation warning (#138) - Flag enforcing subordinate objects to be signed with signing keys (#140)
- Advertise flag to exports and extending maximum description length (#143)
- Support for account mappings (#145)
Deprecated
- The
To
subject in imports (#137)
Removed
- JWT activation token as URL and corresponding download (#144)
Fixed
- Import token validation (#124)
- Removed unnecessary warning for imports without token (#130)
- Ensure that generic claims type is a string (#133)
- Missing validation for permissions (#139)
- Fixed default value for JetStream to be 0 (disabled) (#141)
op.DidSign(op)
when strict signing key usage was enforced (#142)
Updated
- Dependencies to nkeys v0.3.0 (#147)