jwt-framework
jwt-framework copied to clipboard
web-token
adds `withEncodedPayload` to `JWSBuilder`
You can use the new withEncodedPayload method when you have already externally encoded the payload before passing it to the library for signing.
I'm not particularly attached to the particular implementation here, so suggestions are welcome if there's a better way to do this.
The goal here is to be able to pass in an already-encoded payload and avoid the library doing the base64 encoding on the payload. I realize there's already a method to sort of do that by changing the b64 header value, but that isn't always possible.
For example, in this draft you're expected to pass in a base64-url-encoded sha256 hash of a POST body a the JWS payload. In order to build a JWS that validates according to this spec, I needed to do that hash myself and pass in the exact payload contents to the JWS builder.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @aaronpk,
I missed this issue (afk for personal reasons). I clearly understand the concerns here, but I'm afraid that the class design and computation process doesn't allow implementing this functionality an easy way.
The b64 header prevents the encoding/decoding process and I use it a lot with detached payloads, but that's not what you want.
Let me check deeper to find an elegant way to handle this.
Thanks for taking a look! This PR seems to let me do what I want, but I may not have done it the best way according to the style of the rest of the library. Happy to take suggestions on an alternative implementation.