mirror of
https://github.com/clockworklabs/SpacetimeDB.git
synced 2026-06-27 08:18:48 -04:00
963bec1d6f
# Description of Changes

Uses `jsonwebtoken v10.4.0` instead. Important changes include:

**1. Token serialization**

Old tokens with `"exp": null` are still accepted, but new no-expiry tokens now omit `exp` instead of serializing it as `"exp": null`.

**2. OIDC/JWKS validation**

Issuer extraction now uses `jsonwebtoken::dangerous::insecure_decode` for key discovery only, not validation. And the old `spacetimedb-jwks` crate required every JWK to have a `kid`, but this patch does not preserve that limitation.

# API and ABI breaking changes

I don't believe this is considered breaking, but it bears repeating that new no-expiry tokens now serialize without `exp` instead of `"exp": null`.

# Expected complexity level and risk

2

# Testing

- [x] Verify a legacy no-expiry token serialized as `"exp": null` still validates.
- [x] Verify a token with an expired `exp` is still rejected.
- [x] Verify OIDC/JWKS validation works when the JWKS keys omit the optional `kid` field.
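The `exp` handling and the discovery-only issuer read described above, sketched in Python as an added example; it is not SpacetimeDB code and does not use the `jsonwebtoken` API. HS256 with one shared key per issuer, the issuer URLs, and all function names are assumptions chosen so the sketch runs on the standard library alone.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload_json: bytes, key: bytes) -> str:
    """Sign an already-serialized payload (lets us build legacy tokens)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = f"{head}.{b64url(payload_json)}"
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(mac)}"

def encode(claims: dict, key: bytes) -> str:
    # New behaviour: a no-expiry token omits "exp" instead of writing null.
    body = {k: v for k, v in claims.items() if not (k == "exp" and v is None)}
    return sign(json.dumps(body).encode(), key)

def peek_issuer(token: str) -> str:
    # Unverified read of "iss", used for key discovery only.
    return json.loads(b64url_decode(token.split(".")[1]))["iss"]

def validate(token: str, keys_by_issuer: dict, now: int) -> dict:
    head, payload, sig = token.split(".")
    if json.loads(b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    key = keys_by_issuer.get(peek_issuer(token))
    if key is None:
        raise ValueError("unknown issuer")
    mac = hmac.new(key, f"{head}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload))  # trusted only from here on
    exp = claims.get("exp")  # None for an absent "exp" and for legacy null
    if exp is not None and exp <= now:
        raise ValueError("expired")
    return claims

# Constructed sample data (hypothetical issuers and keys).
KEYS = {"https://issuer-a.example": b"key-a", "https://issuer-b.example": b"key-b"}
ISS_A = "https://issuer-a.example"
LEGACY = sign(b'{"iss":"https://issuer-a.example","sub":"alice","exp":null}', b"key-a")
FRESH = encode({"iss": ISS_A, "sub": "alice", "exp": None}, b"key-a")
```

A token that names a different issuer than the one whose key signed it fails at the signature check, which is why the unverified issuer can safely be used to pick the key and for nothing else.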
⚠️ Internal Crate ⚠️
This crate is intended for internal use only. It is not stable and may change without notice.