Merge branch 'master' into master

auth0 · Feb 6, 2025 · 8d87aaf · 8d87aaf
2 parents c71bf80 + ee7332b
commit 8d87aaf
Show file tree

Hide file tree

Showing 11 changed files with 304 additions and 55 deletions.
diff --git a/.github/actions/maven-publish/action.yml b/.github/actions/maven-publish/action.yml
@@ -1,20 +1,16 @@
 name: Publish release to Java
 
 inputs:
+  java-version:
+    required: true
   ossr-username:
     required: true
-  ossr-password:
+  ossr-token:
     required: true
   signing-key:
     required: true
   signing-password:
     required: true
-  java-version:
-    required: true
-  is-android:
-    required: true
-  version:
-    required: true
 
 runs:
   using: composite
@@ -30,15 +26,19 @@ runs:
         source "/home/runner/.sdkman/bin/sdkman-init.sh"
         sdk list java
         sdk install java ${{ inputs.java-version }} && sdk default java ${{ inputs.java-version }}
+        export JAVA_HOME=${SDKMAN_DIR}/candidates/java/current
+        echo "JAVA_HOME is set to $JAVA_HOME"
 
     - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # pin@1.1.0
+      env:
+        JAVA_HOME: ${{ env.JAVA_HOME }}
 
-    - name: Publish Java
-      shell: bash
-      if: inputs.is-android == 'false'
-      run: ./gradlew clean assemble sign publishMavenJavaPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
-
-    - name: Publish Android
+    - name: Publish Android/Java Packages to Maven
       shell: bash
-      if: inputs.is-android == 'true'
-      run: ./gradlew clean assemble sign publishAndroidLibraryPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
+      run: ./gradlew publish -PisSnapshot=false --stacktrace
+      env:
+        JAVA_HOME: ${{ env.JAVA_HOME }}
+        MAVEN_USERNAME: ${{ inputs.ossr-username }}
+        MAVEN_PASSWORD: ${{ inputs.ossr-token }}
+        SIGNING_KEY: ${{ inputs.signing-key}}
+        SIGNING_PASSWORD: ${{ inputs.signing-password}}
diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml
@@ -6,13 +6,10 @@ on:
       java-version:
         required: true
         type: string
-      is-android:
-        required: true
-        type: string
     secrets:
       ossr-username:
         required: true
-      ossr-password:
+      ossr-token:
         required: true
       signing-key:
         required: true
@@ -66,16 +63,22 @@ jobs:
       - if: steps.tag_exists.outputs.exists == 'true'
         run: exit 1
 
+      # Set JAVA_HOME here and pass it to subsequent steps
+      - name: Set JAVA_HOME for Gradle
+        run: echo "JAVA_HOME=/home/runner/.sdkman/candidates/java/current" >> $GITHUB_ENV  # This ensures JAVA_HOME is set globally
+        env:
+         SDKMAN_DIR: /home/runner/.sdkman
+
       # Publish the release to Maven
       - uses: ./.github/actions/maven-publish
         with:
           java-version: ${{ inputs.java-version }}
-          is-android: ${{ inputs.is-android }}
-          version: ${{ steps.get_version.outputs.version }}
           ossr-username: ${{ secrets.ossr-username }}
-          ossr-password: ${{ secrets.ossr-password }}
+          ossr-token: ${{ secrets.ossr-token }}
           signing-key: ${{ secrets.signing-key }}
           signing-password: ${{ secrets.signing-password }}
+        env:
+          JAVA_HOME: ${{ env.JAVA_HOME }}
 
       # Create a release for the tag
       - uses: ./.github/actions/release-create

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -32,10 +32,9 @@ jobs:
     needs: rl-scanner
     with:
       java-version: 11.0.21-tem
-      is-android: false
     secrets:
       ossr-username: ${{ secrets.OSSR_USERNAME }}
-      ossr-password: ${{ secrets.OSSR_PASSWORD }}
+      ossr-token: ${{ secrets.OSSR_TOKEN }}
       signing-key: ${{ secrets.SIGNING_KEY }}
       signing-password: ${{ secrets.SIGNING_PASSWORD }}
       github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.version b/.version
@@ -1 +1 @@
-4.4.0
+4.5.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,49 @@
 # Change Log
 
+## [4.5.0](https://github.com/auth0/java-jwt/tree/4.5.0) (2025-01-29)
+[Full Changelog](https://github.com/auth0/java-jwt/compare/4.4.0...4.5.0)
+
+**Added**
+- Upgraded Plugin [\#711](https://github.com/auth0/java-jwt/pull/711) ([tanya732](https://github.com/tanya732))
+- Fix jackson vuln [\#705](https://github.com/auth0/java-jwt/pull/705) ([tanya732](https://github.com/tanya732))
+- Fix typo in example code [\#682](https://github.com/auth0/java-jwt/pull/682) ([kasperkarlsson](https://github.com/kasperkarlsson))
+- Remove dead README links [\#676](https://github.com/auth0/java-jwt/pull/676) ([jimmyjames](https://github.com/jimmyjames))
+- Fix typo on a comment in JWTCreator.java [\#672](https://github.com/auth0/java-jwt/pull/672) ([sgc109](https://github.com/sgc109))
+- Remove CircleCI [\#670](https://github.com/auth0/java-jwt/pull/670) ([jimmyjames](https://github.com/jimmyjames))
+- Empty string audience claim should be deserialized as empty string [\#663](https://github.com/auth0/java-jwt/pull/663) ([jimmyjames](https://github.com/jimmyjames))
+
+**Fixed**
+- empty expected audience array should throw InvalidClaimException [\#679](https://github.com/auth0/java-jwt/pull/679) ([jimmyjames](https://github.com/jimmyjames))
+
+## [4.5.0](https://github.com/auth0/java-jwt/tree/4.5.0) (2025-01-28)
+[Full Changelog](https://github.com/auth0/java-jwt/compare/4.4.0...4.5.0)
+
+**Added**
+- Upgraded Plugin [\#711](https://github.com/auth0/java-jwt/pull/711) ([tanya732](https://github.com/tanya732))
+- Fix jackson vuln [\#705](https://github.com/auth0/java-jwt/pull/705) ([tanya732](https://github.com/tanya732))
+- Fix typo in example code [\#682](https://github.com/auth0/java-jwt/pull/682) ([kasperkarlsson](https://github.com/kasperkarlsson))
+- Remove dead README links [\#676](https://github.com/auth0/java-jwt/pull/676) ([jimmyjames](https://github.com/jimmyjames))
+- Fix typo on a comment in JWTCreator.java [\#672](https://github.com/auth0/java-jwt/pull/672) ([sgc109](https://github.com/sgc109))
+- Remove CircleCI [\#670](https://github.com/auth0/java-jwt/pull/670) ([jimmyjames](https://github.com/jimmyjames))
+- Empty string audience claim should be deserialized as empty string [\#663](https://github.com/auth0/java-jwt/pull/663) ([jimmyjames](https://github.com/jimmyjames))
+
+**Fixed**
+- empty expected audience array should throw InvalidClaimException [\#679](https://github.com/auth0/java-jwt/pull/679) ([jimmyjames](https://github.com/jimmyjames))
+
+## [4.5.0](https://github.com/auth0/java-jwt/tree/4.5.0) (2025-01-22)
+[Full Changelog](https://github.com/auth0/java-jwt/compare/4.4.0...4.5.0)
+
+**Added**
+- Fix jackson vuln [\#705](https://github.com/auth0/java-jwt/pull/705) ([tanya732](https://github.com/tanya732))
+- Fix typo in example code [\#682](https://github.com/auth0/java-jwt/pull/682) ([kasperkarlsson](https://github.com/kasperkarlsson))
+- Remove dead README links [\#676](https://github.com/auth0/java-jwt/pull/676) ([jimmyjames](https://github.com/jimmyjames))
+- Fix typo on a comment in JWTCreator.java [\#672](https://github.com/auth0/java-jwt/pull/672) ([sgc109](https://github.com/sgc109))
+- Remove CircleCI [\#670](https://github.com/auth0/java-jwt/pull/670) ([jimmyjames](https://github.com/jimmyjames))
+- Empty string audience claim should be deserialized as empty string [\#663](https://github.com/auth0/java-jwt/pull/663) ([jimmyjames](https://github.com/jimmyjames))
+
+**Fixed**
+- empty expected audience array should throw InvalidClaimException [\#679](https://github.com/auth0/java-jwt/pull/679) ([jimmyjames](https://github.com/jimmyjames))
+
 ## [4.4.0](https://github.com/auth0/java-jwt/tree/4.4.0) (2023-03-31)
 [Full Changelog](https://github.com/auth0/java-jwt/compare/4.3.0...4.4.0)
 

diff --git a/README.md b/README.md
@@ -50,14 +50,14 @@ Add the dependency via Maven:
 <dependency>
   <groupId>com.auth0</groupId>
   <artifactId>java-jwt</artifactId>
-  <version>4.4.0</version>
+  <version>4.5.0</version>
 </dependency>
 ```
 
 or Gradle:
 
 ```gradle
-implementation 'com.auth0:java-jwt:4.4.0'
+implementation 'com.auth0:java-jwt:4.5.0'
 ```
 
 ### Create a JWT

diff --git a/gradle.properties b/gradle.properties
@@ -15,3 +15,24 @@ org.gradle.jvmargs=-Xmx1536m
 # This option should only be used with decoupled projects. More details, visit
 # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
 # org.gradle.parallel=true
+
+GROUP=com.auth0
+POM_ARTIFACT_ID=java-jwt
+
+POM_NAME=java jwt
+POM_DESCRIPTION=Java client library for the Auth0 platform
+POM_PACKAGING=jar
+
+POM_URL=https://github.com/auth0/java-jwt
+POM_SCM_URL=https://github.com/auth0/java-jwt
+
+POM_SCM_CONNECTION=scm:git:https://github.com/auth0/java-jwt.git
+POM_SCM_DEV_CONNECTION=scm:git:https://github.com/auth0/java-jwt.git
+
+POM_LICENCE_NAME=The MIT License (MIT)
+POM_LICENCE_URL=https://raw.githubusercontent.com/auth0/java-jwt/master/LICENSE
+POM_LICENCE_DIST=repo
+
+POM_DEVELOPER_ID=auth0
+POM_DEVELOPER_NAME=Auth0
+POM_DEVELOPER_EMAIL=oss@auth0.com
diff --git a/gradle/maven-publish.gradle b/gradle/maven-publish.gradle
@@ -0,0 +1,113 @@
+apply plugin: 'maven-publish'
+apply plugin: 'signing'
+
+task('sourcesJar', type: Jar, dependsOn: classes) {
+    archiveClassifier = 'sources'
+    from sourceSets.main.allSource
+}
+
+task('javadocJar', type: Jar, dependsOn: javadoc) {
+    archiveClassifier = 'javadoc'
+    from javadoc.getDestinationDir()
+}
+tasks.withType(Javadoc).configureEach {
+    javadocTool = javaToolchains.javadocToolFor {
+        // Use latest JDK for javadoc generation
+        languageVersion = JavaLanguageVersion.of(17)
+    }
+}
+
+javadoc {
+    // Specify the Java version that the project will use
+    options.addStringOption('-release', "11")
+}
+artifacts {
+    archives sourcesJar, javadocJar
+}
+
+
+final releaseRepositoryUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2/"
+final snapshotRepositoryUrl = "https://oss.sonatype.org/content/repositories/snapshots/"
+
+publishing {
+    publications {
+        mavenJava(MavenPublication) {
+
+            groupId = GROUP
+            artifactId = POM_ARTIFACT_ID
+            version = getVersionName()
+
+            artifact("$buildDir/libs/${project.name}-${version}.jar")
+            artifact sourcesJar
+            artifact javadocJar
+
+            pom {
+                name = POM_NAME
+                packaging = POM_PACKAGING
+                description = POM_DESCRIPTION
+                url = POM_URL
+
+                licenses {
+                    license {
+                        name = POM_LICENCE_NAME
+                        url = POM_LICENCE_URL
+                        distribution = POM_LICENCE_DIST
+                    }
+                }
+
+                developers {
+                    developer {
+                        id = POM_DEVELOPER_ID
+                        name = POM_DEVELOPER_NAME
+                        email = POM_DEVELOPER_EMAIL
+                    }
+                }
+
+                scm {
+                    url = POM_SCM_URL
+                    connection = POM_SCM_CONNECTION
+                    developerConnection = POM_SCM_DEV_CONNECTION
+                }
+
+                pom.withXml {
+                    def dependenciesNode = asNode().appendNode('dependencies')
+
+                    project.configurations.implementation.allDependencies.each {
+                        def dependencyNode = dependenciesNode.appendNode('dependency')
+                        dependencyNode.appendNode('groupId', it.group)
+                        dependencyNode.appendNode('artifactId', it.name)
+                        dependencyNode.appendNode('version', it.version)
+                    }
+                }
+            }
+        }
+    }
+    repositories {
+        maven {
+            name = "sonatype"
+            url = version.endsWith('SNAPSHOT') ? snapshotRepositoryUrl : releaseRepositoryUrl
+            credentials {
+                username = System.getenv("MAVEN_USERNAME")
+                password = System.getenv("MAVEN_PASSWORD")
+            }
+        }
+    }
+}
+
+signing {
+    def signingKey = System.getenv("SIGNING_KEY")
+    def signingPassword = System.getenv("SIGNING_PASSWORD")
+    useInMemoryPgpKeys(signingKey, signingPassword)
+
+    sign publishing.publications.mavenJava
+}
+
+javadoc {
+    if(JavaVersion.current().isJava9Compatible()) {
+        options.addBooleanOption('html5', true)
+    }
+}
+
+tasks.named('publish').configure {
+    dependsOn tasks.named('assemble')
+}
diff --git a/gradle/versioning.gradle b/gradle/versioning.gradle
@@ -0,0 +1,17 @@
+def getVersionFromFile() {
+    def versionFile = rootProject.file('.version')
+    return versionFile.text.readLines().first().trim()
+}
+
+def isSnapshot() {
+    return hasProperty('isSnapshot') ? isSnapshot.toBoolean() : true
+}
+
+def getVersionName() {
+    return isSnapshot() ? project.version+"-SNAPSHOT" : project.version
+}
+
+ext {
+    getVersionName = this.&getVersionName
+    getVersionFromFile = this.&getVersionFromFile
+}