JSONWebTokens.jl icon indicating copy to clipboard operation
JSONWebTokens.jl copied to clipboard

Published 20 hours ago verified publisher icon felipenoris

Ability to provide additional header claims

Open DilumAluthge opened this issue 1 year ago • 3 comments

I have a use case where I need to provide an optional header claim. In my use case, I specifically need to provide the kid (key ID) header claim. However, I figured I'd make this PR more general. In this PR, the user can provide any optional header claims that they like. Of course, we don't let the user override typ or alg, but they can specify any other header claims.

Reference tests

Note: Prior to this PR, the header claims were hardcoded in the JSONWebTokens.jl source code like this:

{"alg":"RS256","typ":"JWT"}

In particular, note that the JSONWebTokens.jl source code hardcoded the order of the keys: first alg, and then typ.

After this PR, we create the header claims as a Julia Dict and then use JSON.jl to convert the Dict to a JSON string. This means that the JSON.jl package gets to decide which order the keys are printed in.

For the case where there are just two keys (typ and alg), we see that JSON.jl returns the following:

julia> JSON.json(Dict("typ" => "JWT", "alg" => "RS256"))
"{\"typ\":\"JWT\",\"alg\":\"RS256\"}"

julia> JSON.json(Dict("alg" => "RS256", "typ" => "JWT"))
"{\"typ\":\"JWT\",\"alg\":\"RS256\"}"

In other words, JSON.jl is outputting the following JSON:

{"typ":"JWT","alg":"RS256"}

Therefore, the key order chosen by JSON.jl is first typ and then alg.

Because of this change in the key order, some of the reference tests are broken by this PR. I have fixed the reference tests by putting in the new values - see commit.

DilumAluthge avatar Sep 06 '23 16:09 DilumAluthge

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 86.05%. Comparing base (4f0e080) to head (3423a40).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master      #21      +/-   ##
==========================================
+ Coverage   84.92%   86.05%   +1.13%     
==========================================
  Files          10       11       +1     
  Lines         398      416      +18     
==========================================
+ Hits          338      358      +20     
+ Misses         60       58       -2

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov[bot] avatar Sep 06 '23 16:09 codecov[bot]

Bump @felipenoris

DilumAluthge avatar Jun 21 '24 18:06 DilumAluthge

#22 needs to be merged (and a new release tagged) before this PR can be merged.

DilumAluthge avatar Jun 21 '24 18:06 DilumAluthge