Merge pull request #138 from auth0/add-kid-setter

Add Key Id setter and set JWT Type after signing

Author: hzalaz

README.md

@@ -206,6 +206,18 @@ Additional Claims defined in the token's Header can be obtained by calling `getH
 Claim claim = jwt.getHeaderClaim("owner");
 ```
 
+When creating a Token with the `JWT.create()` you can specify header Claims by calling `withHeader()` and passing both the map of claims. 
+
+```java
+Map<String, Object> headerClaims = new HashMap();
+headerclaims.put("owner", "auth0");
+JWT.create()
+    .withHeader(headerClaims)
+    .sign(Algorithm.HMAC256("secret"));
+```
+
+> The `alg` and `typ` values will always be included in the Header after the signing process.
+
 
 ### Payload Claims
 
@@ -273,14 +285,14 @@ Additional Claims defined in the token's Payload can be obtained by calling `get
 Map<String, Claim> claims = jwt.getClaims();    //Key is the Claim name
 Claim claim = claims.get("isAdmin");
 ```
-al
+
 or
 
 ```java
 Claim claim = jwt.getClaim("isAdmin");
 ```
 
-When creating a Token with the `JWT.create()` you can specify a custom Claim by calling `withClaim()` and passing both the name and the value.
+When creating a Token with the `JWT.create()` you can specify a custom Claim by calling `withClaim()` and passing both the name and the value. 
 
 ```java
 JWT.create()

lib/src/main/java/com/auth0/jwt/JWTCreator.java

@@ -7,7 +7,9 @@
 import com.auth0.jwt.impl.PayloadSerializer;
 import com.auth0.jwt.impl.PublicClaims;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.MapperFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
 import com.fasterxml.jackson.databind.module.SimpleModule;
 import org.apache.commons.codec.binary.Base64;
 
@@ -33,6 +35,7 @@ private JWTCreator(Algorithm algorithm, Map<String, Object> headerClaims, Map<St
             SimpleModule module = new SimpleModule();
             module.addSerializer(ClaimsHolder.class, new PayloadSerializer());
             mapper.registerModule(module);
+            mapper.configure(MapperFeature.SORT_PROPERTIES_ALPHABETICALLY, true);
             headerJson = mapper.writeValueAsString(headerClaims);
             payloadJson = mapper.writeValueAsString(new ClaimsHolder(payloadClaims));
         } catch (JsonProcessingException e) {
@@ -74,7 +77,18 @@ public Builder withHeader(Map<String, Object> headerClaims) {
         }
 
         /**
-         * Add a specific Issuer ("iss") claim.
+         * Add a specific Key Id ("kid") claim to the Header.
+         *
+         * @param keyId the Key Id value.
+         * @return this same Builder instance.
+         */
+        public Builder withKeyId(String keyId) {
+            this.headerClaims.put(PublicClaims.KEY_ID, keyId);
+            return this;
+        }
+
+        /**
+         * Add a specific Issuer ("iss") claim to the Payload.
          *
          * @param issuer the Issuer value.
          * @return this same Builder instance.
@@ -85,7 +99,7 @@ public Builder withIssuer(String issuer) {
         }
 
         /**
-         * Add a specific Subject ("sub") claim.
+         * Add a specific Subject ("sub") claim to the Payload.
          *
          * @param subject the Subject value.
          * @return this same Builder instance.
@@ -96,7 +110,7 @@ public Builder withSubject(String subject) {
         }
 
         /**
-         * Add a specific Audience ("aud") claim.
+         * Add a specific Audience ("aud") claim to the Payload.
          *
          * @param audience the Audience value.
          * @return this same Builder instance.
@@ -107,7 +121,7 @@ public Builder withAudience(String... audience) {
         }
 
         /**
-         * Add a specific Expires At ("exp") claim.
+         * Add a specific Expires At ("exp") claim to the Payload.
          *
          * @param expiresAt the Expires At value.
          * @return this same Builder instance.
@@ -118,7 +132,7 @@ public Builder withExpiresAt(Date expiresAt) {
         }
 
         /**
-         * Add a specific Not Before ("nbf") claim.
+         * Add a specific Not Before ("nbf") claim to the Payload.
          *
          * @param notBefore the Not Before value.
          * @return this same Builder instance.
@@ -129,7 +143,7 @@ public Builder withNotBefore(Date notBefore) {
         }
 
         /**
-         * Add a specific Issued At ("iat") claim.
+         * Add a specific Issued At ("iat") claim to the Payload.
          *
          * @param issuedAt the Issued At value.
          * @return this same Builder instance.
@@ -140,7 +154,7 @@ public Builder withIssuedAt(Date issuedAt) {
         }
 
         /**
-         * Add a specific JWT Id ("jti") claim.
+         * Add a specific JWT Id ("jti") claim to the Payload.
          *
          * @param jwtId the Token Id value.
          * @return this same Builder instance.
@@ -261,6 +275,7 @@ public String sign(Algorithm algorithm) throws IllegalArgumentException, JWTCrea
                 throw new IllegalArgumentException("The Algorithm cannot be null.");
             }
             headerClaims.put(PublicClaims.ALGORITHM, algorithm.getName());
+            headerClaims.put(PublicClaims.TYPE, "JWT");
             return new JWTCreator(algorithm, headerClaims, payloadClaims).sign();
         }
 

lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java

@@ -1,10 +1,12 @@
 package com.auth0.jwt;
 
 import com.auth0.jwt.algorithms.Algorithm;
+import org.apache.commons.codec.binary.Base64;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
+import java.nio.charset.StandardCharsets;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -28,15 +30,29 @@ public void shouldThrowWhenRequestingSignWithoutAlgorithm() throws Exception {
 
     @SuppressWarnings("Convert2Diamond")
     @Test
-    public void shouldAddHeader() throws Exception {
+    public void shouldAddHeaderClaim() throws Exception {
         Map<String, Object> header = new HashMap<String, Object>();
         header.put("asd", 123);
         String signed = JWTCreator.init()
                 .withHeader(header)
                 .sign(Algorithm.HMAC256("secret"));
 
         assertThat(signed, is(notNullValue()));
-        assertThat(TokenUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiIsImFzZCI6MTIzfQ"));
+        String[] parts = signed.split("\\.");
+        String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
+        assertThat(headerJson, JsonMatcher.hasEntry("asd", 123));
+    }
+
+    @Test
+    public void shouldAddKeyId() throws Exception {
+        String signed = JWTCreator.init()
+                .withKeyId("56a8bd44da435300010000015f5ed")
+                .sign(Algorithm.HMAC256("secret"));
+
+        assertThat(signed, is(notNullValue()));
+        String[] parts = signed.split("\\.");
+        String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
+        assertThat(headerJson, JsonMatcher.hasEntry("kid", "56a8bd44da435300010000015f5ed"));
     }
 
     @Test
@@ -134,7 +150,20 @@ public void shouldSetCorrectAlgorithmInTheHeader() throws Exception {
                 .sign(Algorithm.HMAC256("secret"));
 
         assertThat(signed, is(notNullValue()));
-        assertThat(TokenUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiJ9"));
+        String[] parts = signed.split("\\.");
+        String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
+        assertThat(headerJson, JsonMatcher.hasEntry("alg", "HS256"));
+    }
+
+    @Test
+    public void shouldSetCorrectTypeInTheHeader() throws Exception {
+        String signed = JWTCreator.init()
+                .sign(Algorithm.HMAC256("secret"));
+
+        assertThat(signed, is(notNullValue()));
+        String[] parts = signed.split("\\.");
+        String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
+        assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT"));
     }
 
     @Test
@@ -158,43 +187,43 @@ public void shouldAcceptCustomClaimOfTypeString() throws Exception {
         String jwt = JWTCreator.init()
                 .withClaim("name", "value")
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoidmFsdWUifQ.4qDWJcNQHDVDW1iAcIgZNiu-qqJQ0RIq8X3ETijBx5k";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjoidmFsdWUifQ"));
     }
 
     @Test
     public void shouldAcceptCustomClaimOfTypeInteger() throws Exception {
         String jwt = JWTCreator.init()
                 .withClaim("name", 123)
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxMjN9.5i6ga8YMteicIeZrFZgJyW4OnI_2jpMaUXcDt-_jme4";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjoxMjN9"));
     }
 
     @Test
     public void shouldAcceptCustomClaimOfTypeDouble() throws Exception {
         String jwt = JWTCreator.init()
                 .withClaim("name", 23.45)
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoyMy40NX0.aFNlMk3WiikukJq1jo4Tf8ztR180wjTfSpqec0xKKqU";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjoyMy40NX0"));
     }
 
     @Test
     public void shouldAcceptCustomClaimOfTypeBoolean() throws Exception {
         String jwt = JWTCreator.init()
                 .withClaim("name", true)
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjp0cnVlfQ.jseAYuhVmT1boYrHQfn9wXmomWq_tdGfphLtG_2tj_M";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjp0cnVlfQ"));
     }
 
     @Test
@@ -203,31 +232,31 @@ public void shouldAcceptCustomClaimOfTypeDate() throws Exception {
         String jwt = JWTCreator.init()
                 .withClaim("name", date)
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxNDc4ODkxNTIxfQ.ZU1B1pDLYoJZhWD8h3_QsK5dViolxvL5Q43Yz9QIxL4";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjoxNDc4ODkxNTIxfQ"));
     }
 
     @Test
     public void shouldAcceptCustomArrayClaimOfTypeString() throws Exception {
         String jwt = JWTCreator.init()
                 .withArrayClaim("name", new String[]{"text", "123", "true"})
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19.lxM8EcmK1uSZRAPd0HUhXGZJdauRmZmLjoeqz4J9yAA";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19"));
     }
 
     @Test
     public void shouldAcceptCustomArrayClaimOfTypeInteger() throws Exception {
         String jwt = JWTCreator.init()
                 .withArrayClaim("name", new Integer[]{1, 2, 3})
                 .sign(Algorithm.HMAC256("secret"));
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbMSwyLDNdfQ.UEuMKRQYrzKAiPpPLhIVawWkKWA1zj0_GderrWUIyFE";
 
         assertThat(jwt, is(notNullValue()));
-        assertThat(jwt, is(token));
+        String[] parts = jwt.split("\\.");
+        assertThat(parts[1], is("eyJuYW1lIjpbMSwyLDNdfQ"));
     }
 }