Skip to content

2.0.0

Latest

Choose a tag to compare

@masterix21 masterix21 released this 08 Apr 16:23
a0b7e48

Features

  • Certificate chain verification (Ed25519) for offline key rotation support
  • Public key bundle application from server responses to token validator
  • Token validator initialization from stored bundle on boot
  • PASETO issuer claim (iss) validation
  • Clock skew tolerance (±60s, configurable) for token expiration and not-before checks
  • Not-before (nbf) claim validation
  • Entitlements storage and retrieval API
  • Additional token claims exposed: licensable_type, licensable_id, not_before, issuer, entitlements
  • Explicit PHP 8.4 and 8.5 support

Improvements

  • Improved HTTP error code mapping (400, 5xx status codes)
  • Full compatibility with laravel-licensing server v2.0.0

CI

  • Added PHP 8.5 to test matrix
  • Added Laravel 13 to test matrix

Breaking Changes

  • Tokens with invalid issuer are now rejected (configure licensing-client.issuer to match your server)
  • Tokens with certificate chain in footer are now verified against the root public key

Full Changelog: v1.0.0...2.0.0