Skip to content

Commit 16050be

Browse files
lbalmacedalbalmaceda
committed
set typ=JWT after signing the token
1 parent 2ed581e commit 16050be

3 files changed

Lines changed: 26 additions & 25 deletions

File tree

lib/src/main/java/com/auth0/jwt/JWTCreator.java

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ public Builder withHeader(Map<String, Object> headerClaims) {
7474
}
7575

7676
/**
77-
* Add a specific Issuer ("iss") claim.
77+
* Add a specific Issuer ("iss") claim to the Payload.
7878
*
7979
* @param issuer the Issuer value.
8080
* @return this same Builder instance.
@@ -85,7 +85,7 @@ public Builder withIssuer(String issuer) {
8585
}
8686

8787
/**
88-
* Add a specific Subject ("sub") claim.
88+
* Add a specific Subject ("sub") claim to the Payload.
8989
*
9090
* @param subject the Subject value.
9191
* @return this same Builder instance.
@@ -96,7 +96,7 @@ public Builder withSubject(String subject) {
9696
}
9797

9898
/**
99-
* Add a specific Audience ("aud") claim.
99+
* Add a specific Audience ("aud") claim to the Payload.
100100
*
101101
* @param audience the Audience value.
102102
* @return this same Builder instance.
@@ -107,7 +107,7 @@ public Builder withAudience(String... audience) {
107107
}
108108

109109
/**
110-
* Add a specific Expires At ("exp") claim.
110+
* Add a specific Expires At ("exp") claim to the Payload.
111111
*
112112
* @param expiresAt the Expires At value.
113113
* @return this same Builder instance.
@@ -118,7 +118,7 @@ public Builder withExpiresAt(Date expiresAt) {
118118
}
119119

120120
/**
121-
* Add a specific Not Before ("nbf") claim.
121+
* Add a specific Not Before ("nbf") claim to the Payload.
122122
*
123123
* @param notBefore the Not Before value.
124124
* @return this same Builder instance.
@@ -129,7 +129,7 @@ public Builder withNotBefore(Date notBefore) {
129129
}
130130

131131
/**
132-
* Add a specific Issued At ("iat") claim.
132+
* Add a specific Issued At ("iat") claim to the Payload.
133133
*
134134
* @param issuedAt the Issued At value.
135135
* @return this same Builder instance.
@@ -140,7 +140,7 @@ public Builder withIssuedAt(Date issuedAt) {
140140
}
141141

142142
/**
143-
* Add a specific JWT Id ("jti") claim.
143+
* Add a specific JWT Id ("jti") claim to the Payload.
144144
*
145145
* @param jwtId the Token Id value.
146146
* @return this same Builder instance.
@@ -261,6 +261,7 @@ public String sign(Algorithm algorithm) throws IllegalArgumentException, JWTCrea
261261
throw new IllegalArgumentException("The Algorithm cannot be null.");
262262
}
263263
headerClaims.put(PublicClaims.ALGORITHM, algorithm.getName());
264+
headerClaims.put(PublicClaims.TYPE, "JWT");
264265
return new JWTCreator(algorithm, headerClaims, payloadClaims).sign();
265266
}
266267

lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ public void shouldAddHeader() throws Exception {
3636
.sign(Algorithm.HMAC256("secret"));
3737

3838
assertThat(signed, is(notNullValue()));
39-
assertThat(TokenUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiIsImFzZCI6MTIzfQ"));
39+
assertThat(TokenUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImFzZCI6MTIzfQ"));
4040
}
4141

4242
@Test
@@ -134,7 +134,7 @@ public void shouldSetCorrectAlgorithmInTheHeader() throws Exception {
134134
.sign(Algorithm.HMAC256("secret"));
135135

136136
assertThat(signed, is(notNullValue()));
137-
assertThat(TokenUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiJ9"));
137+
assertThat(TokenUtils.splitToken(signed)[0], is("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9"));
138138
}
139139

140140
@Test
@@ -158,7 +158,7 @@ public void shouldAcceptCustomClaimOfTypeString() throws Exception {
158158
String jwt = JWTCreator.init()
159159
.withClaim("name", "value")
160160
.sign(Algorithm.HMAC256("secret"));
161-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoidmFsdWUifQ.4qDWJcNQHDVDW1iAcIgZNiu-qqJQ0RIq8X3ETijBx5k";
161+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoidmFsdWUifQ.eR3DUeX142NjueZjkqCn_NqxJpb5k-Y55Oo0N-ap3rI";
162162

163163
assertThat(jwt, is(notNullValue()));
164164
assertThat(jwt, is(token));
@@ -169,7 +169,7 @@ public void shouldAcceptCustomClaimOfTypeInteger() throws Exception {
169169
String jwt = JWTCreator.init()
170170
.withClaim("name", 123)
171171
.sign(Algorithm.HMAC256("secret"));
172-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxMjN9.5i6ga8YMteicIeZrFZgJyW4OnI_2jpMaUXcDt-_jme4";
172+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxMjN9.7Diqx9FPPuaw9ESwkZOHL2BARjqQz00qrHYOm0lKcgQ";
173173

174174
assertThat(jwt, is(notNullValue()));
175175
assertThat(jwt, is(token));
@@ -180,7 +180,7 @@ public void shouldAcceptCustomClaimOfTypeDouble() throws Exception {
180180
String jwt = JWTCreator.init()
181181
.withClaim("name", 23.45)
182182
.sign(Algorithm.HMAC256("secret"));
183-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoyMy40NX0.aFNlMk3WiikukJq1jo4Tf8ztR180wjTfSpqec0xKKqU";
183+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoyMy40NX0.VwOI-xjYFthgT43b9EYcaOSIpGSD6PVLSCPuGzDuEnQ";
184184

185185
assertThat(jwt, is(notNullValue()));
186186
assertThat(jwt, is(token));
@@ -191,7 +191,7 @@ public void shouldAcceptCustomClaimOfTypeBoolean() throws Exception {
191191
String jwt = JWTCreator.init()
192192
.withClaim("name", true)
193193
.sign(Algorithm.HMAC256("secret"));
194-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjp0cnVlfQ.jseAYuhVmT1boYrHQfn9wXmomWq_tdGfphLtG_2tj_M";
194+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjp0cnVlfQ.8L_Td4EtEAUuQeNCU0fuJEu78SS8K3Y5OOkFzYA81g8";
195195

196196
assertThat(jwt, is(notNullValue()));
197197
assertThat(jwt, is(token));
@@ -203,7 +203,7 @@ public void shouldAcceptCustomClaimOfTypeDate() throws Exception {
203203
String jwt = JWTCreator.init()
204204
.withClaim("name", date)
205205
.sign(Algorithm.HMAC256("secret"));
206-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxNDc4ODkxNTIxfQ.ZU1B1pDLYoJZhWD8h3_QsK5dViolxvL5Q43Yz9QIxL4";
206+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoxNDc4ODkxNTIxfQ.0esDU87VaYbx6KQDWhFrRPNzq3rl3vcHO8T21fao28U";
207207

208208
assertThat(jwt, is(notNullValue()));
209209
assertThat(jwt, is(token));
@@ -214,7 +214,7 @@ public void shouldAcceptCustomArrayClaimOfTypeString() throws Exception {
214214
String jwt = JWTCreator.init()
215215
.withArrayClaim("name", new String[]{"text", "123", "true"})
216216
.sign(Algorithm.HMAC256("secret"));
217-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19.lxM8EcmK1uSZRAPd0HUhXGZJdauRmZmLjoeqz4J9yAA";
217+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19.TTP2tJjVdoOzKfIgDcn_MSP7XQpafeVCKVNE2Y3-0Hk";
218218

219219
assertThat(jwt, is(notNullValue()));
220220
assertThat(jwt, is(token));
@@ -225,7 +225,7 @@ public void shouldAcceptCustomArrayClaimOfTypeInteger() throws Exception {
225225
String jwt = JWTCreator.init()
226226
.withArrayClaim("name", new Integer[]{1, 2, 3})
227227
.sign(Algorithm.HMAC256("secret"));
228-
String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbMSwyLDNdfQ.UEuMKRQYrzKAiPpPLhIVawWkKWA1zj0_GderrWUIyFE";
228+
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbMSwyLDNdfQ.1AdYaNBWR8lPB0yOxUtnQjuOU7tzD4LWz2AWrziPUqA";
229229

230230
assertThat(jwt, is(notNullValue()));
231231
assertThat(jwt, is(token));

lib/src/test/java/com/auth0/jwt/JWTTest.java

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -353,7 +353,7 @@ public void shouldGetCustomClaims() throws Exception {
353353

354354
@Test
355355
public void shouldCreateAnEmptyHMAC256SignedToken() throws Exception {
356-
String headerAndPayload = "eyJhbGciOiJIUzI1NiJ9.e30.";
356+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.e30.";
357357

358358
String signed = JWT.create().sign(Algorithm.HMAC256("secret"));
359359
assertThat(signed, is(notNullValue()));
@@ -366,7 +366,7 @@ public void shouldCreateAnEmptyHMAC256SignedToken() throws Exception {
366366

367367
@Test
368368
public void shouldCreateAnEmptyHMAC384SignedToken() throws Exception {
369-
String headerAndPayload = "eyJhbGciOiJIUzM4NCJ9.e30.";
369+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.e30.";
370370

371371
String signed = JWT.create().sign(Algorithm.HMAC384("secret"));
372372
assertThat(signed, is(notNullValue()));
@@ -379,7 +379,7 @@ public void shouldCreateAnEmptyHMAC384SignedToken() throws Exception {
379379

380380
@Test
381381
public void shouldCreateAnEmptyHMAC512SignedToken() throws Exception {
382-
String headerAndPayload = "eyJhbGciOiJIUzUxMiJ9.e30.";
382+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.e30.";
383383

384384
String signed = JWT.create().sign(Algorithm.HMAC512("secret"));
385385
assertThat(signed, is(notNullValue()));
@@ -392,7 +392,7 @@ public void shouldCreateAnEmptyHMAC512SignedToken() throws Exception {
392392

393393
@Test
394394
public void shouldCreateAnEmptyRSA256SignedToken() throws Exception {
395-
String headerAndPayload = "eyJhbGciOiJSUzI1NiJ9.e30.";
395+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.e30.";
396396

397397
String signed = JWT.create().sign(Algorithm.RSA256((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
398398
assertThat(signed, is(notNullValue()));
@@ -405,7 +405,7 @@ public void shouldCreateAnEmptyRSA256SignedToken() throws Exception {
405405

406406
@Test
407407
public void shouldCreateAnEmptyRSA384SignedToken() throws Exception {
408-
String headerAndPayload = "eyJhbGciOiJSUzM4NCJ9.e30.";
408+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCJ9.e30.";
409409

410410
String signed = JWT.create().sign(Algorithm.RSA384((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
411411
assertThat(signed, is(notNullValue()));
@@ -418,7 +418,7 @@ public void shouldCreateAnEmptyRSA384SignedToken() throws Exception {
418418

419419
@Test
420420
public void shouldCreateAnEmptyRSA512SignedToken() throws Exception {
421-
String headerAndPayload = "eyJhbGciOiJSUzUxMiJ9.e30.";
421+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.e30.";
422422

423423
String signed = JWT.create().sign(Algorithm.RSA512((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA")));
424424
assertThat(signed, is(notNullValue()));
@@ -431,7 +431,7 @@ public void shouldCreateAnEmptyRSA512SignedToken() throws Exception {
431431

432432
@Test
433433
public void shouldCreateAnEmptyECDSA256SignedToken() throws Exception {
434-
String headerAndPayload = "eyJhbGciOiJFUzI1NiJ9.e30.";
434+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.e30.";
435435

436436
String signed = JWT.create().sign(Algorithm.ECDSA256((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_256, "EC")));
437437
assertThat(signed, is(notNullValue()));
@@ -444,7 +444,7 @@ public void shouldCreateAnEmptyECDSA256SignedToken() throws Exception {
444444

445445
@Test
446446
public void shouldCreateAnEmptyECDSA384SignedToken() throws Exception {
447-
String headerAndPayload = "eyJhbGciOiJFUzM4NCJ9.e30.";
447+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCJ9.e30.";
448448

449449
String signed = JWT.create().sign(Algorithm.ECDSA384((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_384, "EC")));
450450
assertThat(signed, is(notNullValue()));
@@ -457,7 +457,7 @@ public void shouldCreateAnEmptyECDSA384SignedToken() throws Exception {
457457

458458
@Test
459459
public void shouldCreateAnEmptyECDSA512SignedToken() throws Exception {
460-
String headerAndPayload = "eyJhbGciOiJFUzUxMiJ9.e30.";
460+
String headerAndPayload = "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9.e30.";
461461

462462
String signed = JWT.create().sign(Algorithm.ECDSA512((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_512, "EC")));
463463
assertThat(signed, is(notNullValue()));

0 commit comments

Comments
 (0)