v2.3

Laravel 11 support

v2.2.1

Fixed issue where config file was uncacheable.

v2.2.0

Added Bearer authorization header check in the JWTValidateMiddleware

v2.1.0

Config options to change the signer or formatter

v2.0.0

Version 2 of this package has been heavily reworked to support the latest lcobucci/jwt library.

Changes

1. BREAKING: The minimum length for signing keys is now 32 bytes.
2. BREAKING: Exceptions have changed, see the extensions directory for the exceptions you should expect to see thrown for various token validation failures.
3. BREAKING: The fluid method names have almost all changed. Rather than provide our own method names, we pass through to the underlying Builder class. So instead of the old setAudience you would use now use intendedFor.
4. We still have three additional fluent builder methods: signWith(string $key), lifetime(int $seconds), and withClaims(array $claims).
5. You can call $token->validate('expected-id') to get an individual exception for the first encountered validation failure, or you can call $token->validateAll('expected-id') to receive a RequiredConstraintsViolated exceptions with an array of ConstraintViolation exceptions, if you prefer.

Laravel 10 support

This is likely the last 1.x release.

Version 2 will be coming soon, refactored for the newer lcobucci/jwt v4 API.