Saturday 12 October 2024

Traffic Parrot 5.49.0 released, what's new?

We have just released version 5.49.0. Here is a list of the changes that came with the release:

Features

  • Added support for the JWT Extension for WireMock
  • JWT usage examples, typically mocked via an /oauth/token endpoint:
    {{jwt maxAge='12 days'}}
{{jwt exp=(parseDate '2041-02-23T21:22:23Z')}}
{{jwt nbf=(parseDate '2019-02-23T21:22:23Z')}}
{{jwt iss='https://issuer.trafficparrot.com/'}}
{{jwt aud='https://audience.trafficparrot.com/'}}
{{jwt sub='subject'}}
{{jwt alg='RS256'}}
{{jwt
    customBoolClaim=true
    customIntClaim=23
    customStringClaim='example@x.y.z'
    customDateClaim=(parseDate '2024-01-02T03:04:05Z')
}}
  • JSON Web Key Set (JWKS) usage example, typically mocked via an /.well-known/jwks.json endpoint:
    {{jwks}}
  • Settings also visible via http://localhost:8080/api/http/__admin/settings as 
    {
  "settings" : {
    "extended" : {
      "jwt" : {
        "hs256Secret" : "...",
        "rs256PublicKeyId" : "...",
        "rs256PublicKey" : "-----BEGIN RSA PUBLIC KEY-----\n...\n-----END RSA PUBLIC KEY-----\n",
        "rs256PrivateKey" : "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----\n"
      }
    }
  }
}
  • Enable in trafficparrot.properties by setting:
    trafficparrot.http.jwt.enabled=true

Fixes

  • Library upgrades to fix OWASP issues
Posted by at No comments:
Subscribe to: Posts (Atom)