spring-security-jwt
spring-security-jwt copied to clipboard
Mercateo
JWT support for spring-security
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.10.0 to 2.12.6.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 5.1.13.RELEASE to 5.3.18. Release notes Sourced from spring-webmvc's releases. v5.3.18 :star: New Features Restrict access to property paths on Class references #28261 Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask...
Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.61 to 1.67. Changelog Sourced from bcprov-jdk15on's changelog. 2.1.1 Version Release: 1.70 Date: TBD 2.2.1 Version Release: 1.69 Date: 2021, June 7th. ... (truncated) Commits See full...
We were facing the following NPE: `java.lang.NullPointerException: value at java.util.Objects.requireNonNull(Objects.java:228) at com.mercateo.spring.security.jwt.token.claim.JWTClaim$Builder.value(JWTClaim.java:440) at com.mercateo.spring.security.jwt.token.extractor.HierarchicalClaimsExtractor.lambda$extractClaims$1(HierarchicalClaimsExtractor.java:86) at com.mercateo.spring.security.jwt.relocated.io.vavr.collection.Stream.map(Stream.java:1221) at com.mercateo.spring.security.jwt.relocated.io.vavr.collection.Stream.lambda$map$9(Stream.java:1221) at com.mercateo.spring.security.jwt.relocated.io.vavr.Lazy.computeValue(Lazy.java:161) at com.mercateo.spring.security.jwt.relocated.io.vavr.Lazy.get(Lazy.java:155) at com.mercateo.spring.security.jwt.relocated.io.vavr.collection.StreamModule$ConsImpl.tail(Stream.java:1924) at com.mercateo.spring.security.jwt.relocated.io.vavr.collection.StreamModule$StreamIterator.hasNext(Stream.java:2132) at com.mercateo.spring.security.jwt.relocated.io.vavr.collection.List.ofAll(List.java:269) at com.mercateo.spring.security.jwt.relocated.io.vavr.ValueModule.toTraversable(Value.java:1528)...
Bumps [spring-security-web](https://github.com/spring-projects/spring-security) from 5.1.5.RELEASE to 5.2.10.RELEASE. Release notes Sourced from spring-security-web's releases. 5.2.10.RELEASE :beetle: Bug Fixes Add null check in CsrfFilter and CsrfWebFilter #9594 :hammer: Dependency Upgrades Update to nohttp...
Bumps [guava](https://github.com/google/guava) from 27.1-jre to 29.0-jre. Release notes Sourced from guava's releases. 29.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>29.0-jre</version> <!-- or, for Android: --> <version>29.0-android</version> </dependency> Javadoc 29.0-jre 29.0-android JDiff 29.0-jre...
An unknown public key will deny the request, but that only means the token was invalid. Should only be a warning.
Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1. Release notes Sourced from junit's releases. JUnit 4.13.1 Please refer to the release notes for details. JUnit 4.13 Please refer to the release notes...
Separated classes `AlgorithmFactory` and `RSAKeyProviderFactory` to enable testing.
Currently, the shade plugin include the packages of dependencies in the uber-jar, which can not be excluded when using the lib: ``` [INFO] --- maven-shade-plugin:3.2.1:shade (default) @ spring-security-jwt --- [INFO]...
