Saturday 12 October 2024

Traffic Parrot 5.49.0 released, what's new?

We have just released version 5.49.0. Here is a list of the changes that came with the release:

Features

  • Added support for the JWT Extension for WireMock
  • JWT usage examples, typically mocked via an /oauth/token endpoint:
    {{jwt maxAge='12 days'}}
    {{jwt exp=(parseDate '2041-02-23T21:22:23Z')}}
    {{jwt nbf=(parseDate '2019-02-23T21:22:23Z')}}
    {{jwt iss='https://issuer.trafficparrot.com/'}}
    {{jwt aud='https://audience.trafficparrot.com/'}}
    {{jwt sub='subject'}}
    {{jwt alg='RS256'}}
    {{jwt
        customBoolClaim=true
        customIntClaim=23
        customStringClaim='example@x.y.z'
        customDateClaim=(parseDate '2024-01-02T03:04:05Z')
    }}
  • JSON Web Key Set (JWKS) usage example, typically mocked via an /.well-known/jwks.json endpoint:
    {{jwks}}
  • Settings also visible via http://localhost:8080/api/http/__admin/settings as
    {
      "settings" : {
        "extended" : {
          "jwt" : {
            "hs256Secret" : "...",
            "rs256PublicKeyId" : "...",
            "rs256PublicKey" : "-----BEGIN RSA PUBLIC KEY-----\n...\n-----END RSA PUBLIC KEY-----\n",
            "rs256PrivateKey" : "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----\n"
          }
        }
      }
    }
    
  • Enable in trafficparrot.properties by setting:
    trafficparrot.http.jwt.enabled=true

Fixes

  • Library upgrades to fix OWASP issues