lhotari opened a new pull request, #25043: URL: https://github.com/apache/pulsar/pull/25043
### Motivation The jjwt library version is very old and outdated. It's better to make changes in Pulsar so that the recent version of the library could be used. ### Modifications - upgrade jjwt (jsonwebtoken) library from 0.11.1 to 0.13.0 version - make changes to adapt to breaking changes in jjwt library - since the library has breaking changes, it's better to not cherry-pick this change to maintenance branches - another breaking change is that MultiRolesTokenAuthorizationProvider cannot use "sub" for multiple roles since the newer jjwt library validates that the token conforms to the JWT spec. The spec doesn't allow a list for "sub". The default property has been changed from "sub" to "roles". ### Documentation <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. --> - [ ] `doc` <!-- Your PR contains doc changes. --> - [ ] `doc-required` <!-- Your PR changes impact docs and you will update later --> - [x] `doc-not-needed` <!-- Your PR changes do not impact docs --> - [ ] `doc-complete` <!-- Docs have been already added --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
