-
5056bad: Allows a generic type, which must extend
JWT, to be defined on Authentic's signature for automatic type casting.Bumps jose to V5. This upgrade includes a breaking change, now only LTS Node versions will be supported by
@articulate/authentic, so the minimum supported version now isv18.
-
e0ab92a: Typescript refactor and replace
jsonwebtokenandjwks-rsain favor ofjoseThe biggest change on this version is the replacement of jsonwebtoken and jwks-rsa in favor of jose. jose exports the same features the other two libraries offer, without adding the extra dependencies previously required (it has zero dependencies!). This change significantly decreases
@authenticfinal bundle size, allowing it to also be used in Lambdas.Also, this new version doesn't export
authenticas a default export anymore, apps using this new version will to import/require{ authentic } from "@articulate/authentic"instead.Before upgrading make sure your app uses the new expected
jwksandverifyoptions (which differ from the old ones).Starting with this new version, Authentic started exporting both an ECMAScript Module (ESM) bundle and a CommonJS (CJS) bundle. This means that applications utilizing either of these architectures can now choose the bundle that best suits their specific use case.
- 03e1107: Allow cid claim to be a string