@@ -8,13 +8,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
88
99### Added
1010- Support to change the ` leeway ` time for JWT verification using ` setLeeway ` #483
11+ - Support for elliptic curves (ES256, ES384 & ES512) #488
12+ - Support for EdDSA (only Ed25519) #488
13+ - ` getJtiFromBackChannel() ` to retrieve the JTI after back-channel logout request #488
1114
1215### Changed
1316- Stop adding ?schema=openid to userinfo endpoint URL. #449
17+ - Min. PHP version to 8.1 #488
18+ - ` fetchURL ` response type to ` Response ` class #488
19+ - ` Nonce ` claim must be present, Partially reverts #280
20+ - ` verifySignatures ` method signature, accepting ` JWS ` object instead of string
1421
1522### Fixed
16- - Check existence of subject when verifying JWT #474
23+ - Check existence of ` sub ` claim when verifying JWT #474
1724- exp verification when verifying Logout Token claims #482
25+ - Missing ` iat ` claim verification #488
26+ - Exception is thrown when ` iss ` claim is missing #488
27+ - Missing check of ` events ` claim when verifying Logout Token claims #488
28+ - Missing check of ` jti ` claim when verifying Logout Token claims #488
29+ - Missing check of ` sub ` claim for unsigned UserInfo Responses #488
30+
31+ ### Removed
32+ - ` getResponseCode() ` , replaced with new response method ` getStatus() ` #488
33+ - ` getResponseContentType() ` , replaced with new response method ` getContentType() ` #488
34+ - ` verifyJWTClaims() ` , replaced with individual checks #488
35+ - ` validateIssuer() ` , replaced with ` IssuerChecker ` #488
36+ - ` verifyJWTSignature() ` , replaced with ` verifyJWS() ` #488
1837
1938## [ 1.0.1] - 2024-09-13
2039
0 commit comments