v.1.3.0-rc0

Summary

v1.3.0 contains major API and infrastructure additions for the library. You can now manipulate the keycache and cause the library to launch a background thread for keeping issuer information updated (potentially useful for servers where you want to avoid queries from hanging for an on-demand load). There's a new monitoring API providing insight into what verification and issuer interactions have been performed, allowing integrators to detect failures quickly.

The library now has a new integration test framework and far more test coverage than before, including concurrency tests.

What's Changed for End-Users

• Add scitokens-generate-jwks CLI for key generation in #186
• Add environment variable configuration loading on library initialization in #190

What's Changed for Library Integrators

• Add per-issuer lock to prevent multiple concurrent queries against issuers without a known key in #180
• Add negative cache for failed issuer lookups (preventing frequent re-queries) in #178
• Add monitoring API for per-issuer validation statistics in #182
• Add optional background thread for JWKS refresh in #192
• Add keycache load, metadata, and delete APIs in #194
• Revert "Fix memory leak in rs256_from_coords" by @djw8605 in #162

For developers

• Add CTest-based integration test with JWKS server and TLS infrastructure in #184
• Add devcontainer configuration for GitHub Codespaces in #188

Full Changelog: v1.2.0...v.1.3.0-rc0

v1.2.0

What's Changed

• Bump jwt-cpp to version 0.7.1, by @GregThain in #149
• Fix memory leaks in rs256_from_coords by @GregThain in #150
• Fix memory leaks in the unit tests by @GregThain in #153
• Add cmake option SCITOKENS_WITH_ASAN which enables memory checking by @djw8605 in #154
• Turn off building unit tests by default. by @djw8605 in #156
• Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions by @djw8605 in #157
• Read token for scitokens-verify from stdin by @djw8605 in #159
• Update usage on verify command to make the TOKENFILE explicit by @djw8605 in #161
• Improve JWTVerificationException message to include the invalid issuer by @djw8605 in #167
• Fix security vulnerability in JWT issuer error message handling by @Copilot in #168
• Fix float time claims handling and improve error messages in scitoken_get_expiration by @Copilot in #171
• Send usage warning to stdout instead of stderr by @DrDaveD in #163
• Fix segfault if the JSON parser cannot parse the JWKS by @jthiltges in #176

Full Changelog: v1.1.3...v1.2.0

v1.1.3

What's Changed

• Include the cstdint in jwt-cpp for newer compilers by @djw8605 in #143

Full Changelog: v1.1.2...v1.1.3

v1.1.2

What's Changed

• Add mutex around key refresh with get_public_keys_from_web() by @jthiltges in #137
• Disable CMake unity builds by @GregThain in #138
• Fix include_directories for libcurl by @duncanmmacleod in #141

New Contributors

• @jthiltges made their first contribution in #137

Full Changelog: v1.1.1...v1.1.2

v1.1.1

What's Changed

• Update Debian changelog so I can build by @timtheisen in #134
• Test failures and compiler warnings by @ellert in #126
• Improve error handling around the sqlite3 library by @bbockelm in #136

Full Changelog: v1.1.0...v1.1.1

v1.1.0

What's Changed

• asynch API fixes by @Todd-L-Miller in #129
• Allow the scitokens library user to setup a custom CA file by @bbockelm in #132

New Contributors

• @Todd-L-Miller made their first contribution in #129

Full Changelog: v1.0.2...v1.1.0

v1.0.2

What's Changed

• Update build files for 1.0.0 by @timtheisen in #116
• Fix timeout on generating ACLs by @djw8605 in #115
• Fix a return of a unique pointer by @djw8605 in #117
• Cache location config by @jhiemstrawisc in #120
• Fix formating issue that causes build warning on Debian/Ubuntu by @timtheisen in #121
• Pr 113 metadata err msg by @jhiemstrawisc in #123
• Improve error messages when metadata fetch/parse fails by @bbockelm in #113
• scitokens_internal: catch matching exception type after jwt-cpp update by @olifre in #125
• Fix enforcer_acl_free logic by @jhiemstrawisc in #124

Full Changelog: v1.0.1...v1.0.2

Bug fix for ACL creation

Fix bug in creation of ACLs causing failures which logged as "timeouts"

Full Changelog: v1.0.0...v1.0.1

v1.0.0

What's Changed

• gh-action: Adapt unittests to renamed CMake flags, fix using external gtest. by @olifre in #89
• CMake: Fix typo in SCITOKENS_WARNINGS_ARE_ERRORS flag. by @olifre in #88
• Macos libressl build by @JaimeFrey in #91
• Fixing returning err_msg with enforcer fail by @djw8605 in #94
• CMake: don't add bundled gtest include dir when using external gtest by @ellert in #90
• Add enforcer test by @djw8605 in #95
• Openssl 3 0 update by @ColeBollig in #96
• Provide an API enabling explicit manipulation of the keycache for the end user. by @bbockelm in #99
• Allow the library user to explicitly set the "current" time. by @bbockelm in #98
• Shorten timeout for public key download by @bbockelm in #100
• First attempt at an async refactoring of the SciTokens library. by @bbockelm in #92
• Add a Linter action to the GitHub workflow by @jhiemstrawisc in #106
• Empty commit to apply lint by @djw8605 in #107
• Add configuration API to set keycache update/expiration intervals by @jhiemstrawisc in #111
• Claim 'nbf' is mandatory only for SCITOKENS by @vokac in #112

New Contributors

• @JaimeFrey made their first contribution in #91
• @ColeBollig made their first contribution in #96
• @jhiemstrawisc made their first contribution in #106
• @vokac made their first contribution in #112

Full Changelog: v0.7.1...v1.0.0

v0.7.1

What's Changed

• Update Debian changelog for v0.7.0 tag by @timtheisen in #76
• Enabling unit tests should not disable install of libraries and binaries by @ellert in #79
• Revert "only set install targets when not doing unit tests" by @olifre in #83
• Warnings as errors option by @GregThain in #85
• Convert CMakeLists.txt to "modern" cmake style by @GregThain in #84
• fix apparent fd-leak of sqlite handle by @edquist in #87

New Contributors

• @edquist made their first contribution in #87

Full Changelog: v0.7.0...v0.7.1