JSONWebTokens.jl

Missing function for extracting sign key id

Open nagylzs opened this issue 4 years ago • 1 comments

Typically, if the JWT has the "kid" header value, then it is used to identify the signing key that was used to sign the token. In such cases, first the kid parameter must be extracted from the JWT header. Then it is used to find the correct signing key. And finally, the token's signature can be verified using that signing key.

However, the header dict of the JWT cannot be extracted easily. I could do it this way:

    header_encoded, claims_encoded, signature_encoded = JSONWebTokens.jws_split(access_token)
    header_dict = JSONWebTokens.jws_header_dict(header_encoded)
    kid = header_dict["kid"] # key id for the signing key
    alg = header_dict["alg"] # algorithm

But this is clumsy. There could be a better, easier way to extract the key id from a token. Another thing that is clumsy is the algorithm selection. It is possible to extract the algorithm as shown above, but the result is a string "HS512" or similar. Then it needs to be mapped to the JSONWebTokens.HS256 (or similar) type by hand before a so-called Encoding could be created. If I only know the raw key, then there could be a function that could extract the algorithm and apply it to my key automatically.

Please let me know if these are good feature requests, or not. Maybe I'm not noticing something.

nagylzs, May 10 '20 20:05

To be more concrete, I would love something similar:


    import JSONWebTokens
    kid = JSONWebTokens.extract_header_dict(access_token)["kid"] # Extract the kid parameter with a single call
    key_data = load_my_key(kid) # where key_data is Array{UInt8,1}
    JSONWebTokens.decode(key_data, access_token)  # Automatic algorithm selection based on the header

nagylzs, May 10 '20 20:05
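The flow discussed in this issue (read `kid` from the unverified header, look up the key, then verify) is shown below as an added Python example; it is not JSONWebTokens.jl code and not from the issue author. It assumes HMAC algorithms only and a constructed keystore, key id and secret, and it pins the algorithm to the stored key so that the header's `alg` only has to agree with it rather than select it.

```python
import base64, hashlib, hmac, json

# Constructed keystore (assumption): each kid pins its key AND its one allowed algorithm.
KEYSTORE = {"key-2020-05": {"alg": "HS256", "key": b"constructed-demo-secret"}}
HASHES = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def unverified_header(token: str) -> dict:
    """Parse the JOSE header. Nothing in it is trusted yet; it only routes key lookup."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    header = json.loads(b64url_decode(parts[0]))
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    return header

def verify(token: str, keystore=KEYSTORE) -> dict:
    """Return the claims only if the signature checks out under the pinned key and alg."""
    header = unverified_header(token)
    kid = header.get("kid")
    entry = keystore.get(kid) if isinstance(kid, str) else None
    if entry is None:
        raise KeyError("unknown kid")
    # The algorithm comes from the keystore; the header value must merely agree.
    if header.get("alg") != entry["alg"]:
        raise ValueError("alg does not match the algorithm pinned for this key")
    signing_input, _, sig = token.rpartition(".")
    expected = hmac.new(entry["key"], signing_input.encode(), HASHES[entry["alg"]]).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(token.split(".")[1]))

def sign(claims: dict, kid: str, alg: str, key: bytes) -> str:
    """Helper that builds constructed sample tokens for the checks."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT", "kid": kid}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), HASHES[alg]).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"
```
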