Nimbus JOSE + JWT 2.2

The Java library for handling JSON Web Signature (JWS), JSON Web Encryption (JWE) and JSON Web Token (JWT) messages just got an update to match the latest 06 draft version of the spec suite.

The JWE code was affected most, to reflect the major change of introducing composite algorithm identifiers and moving the initialisation vector (IV) header parameter to a body part on its own. With that the average size of encrypted tokens gets noticeably smaller and even the core library code was reduced and simplified. Thanks to everyone on the JOSE WG for contributing to this improvement!

The updated Nimbus JOSE+JWT library sources, documentation and JAR are available at

https://connect2id.com/products/nimbus-jose-jwt

Earlier this month the library went through a major rewrite for its 2.0 release and is now vastly improved. There are now separate classes for handling arbitrary plaintext, JWS and JWE objects alongside the original JWT use case. New nimbler interfaces were created to decouple algorithm implementations from the core protocol code. And finally, overall usability and object orientation were improved in order to make it easier to support a wider array of use cases and deployments.