Releases: vapor/jwt
Added a public initializer to Request.JWT
This patch was authored and released by @grosch.
People couldn't make their own verifiers since request
was internal.
Update to Vapor 4 GM
This patch was authored by @gwynne and released by @tanner0101.
Updated for final Vapor 4.0.0 release, with (improved) tests passing (#119).
Updates audience claim check for apple/google
Make HMAC signers thread safe
Makes HMAC JWT signers (hs256
, hs384
, hs512
) thread safe (#117).
Release Candidate 1
Upgrades to Swift 5.2.
Release candidates represent the final shift toward focusing on bug fixes and documentation. Breaking changes will only be accepted for critical issues. We expect a final release of this package shortly after Swift 5.2's release date.
Beta 3
Adds JWT validation for Apple and Google
Allows for simple validation of Sign in with Apple or google. In your routes, you can now do this:
public func registerFromSignInWithApple(req: Request) throws -> EventLoopFuture<User> {
req.jwt.apple
.verify(applicationIdentifier: "com.whoever.myapp")
.map { (token: AppleIdentityToken) in
let uniqueUserID = token.subject.value
// Create the user in the database
return user
}
}
Add JWKSCache helper for storing JWKS
Provides a way that servers can download JWKS files in response to HTTP requests such that only one request will ever be performing a download at a time. If the remote server provides caching headers this ensures the downloads are cached appropriately.
final class RouteController {
let apple: JWKSCache
init(app: Application) {
apple = .init(keyURL: "https://appleid.apple.com/auth/keys", client: app.client)
}
func signIn(_ req: Request) throws -> EventLoopFuture<Void> {
apple.keys(on: req).flatMap { jwks in
guard let key = jwks.find(identifier: "AIDOPK1", type: .rsa) else {
return req.eventLoop.makeFailedFuture(Abort(.internalServerError))
}
// Use the key here
}
}
}
JWT 4.0.0 Beta 2
This package is now a Vapor + JWTKit integration.
import JWT
import Vapor
try app.jwt.signers.use(.es512(key: .generate()))
app.post("login") { req -> LoginResponse in
let credentials = try req.content.decode(LoginCredentials.self)
return try LoginResponse(
token: req.jwt.sign(User(name: credentials.name))
)
}
app.get("me") { req -> String in
try req.jwt.verify(as: User.self).name
}