-
-
Notifications
You must be signed in to change notification settings - Fork 601
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default header 'typ' breaking Apple JWT requests #1070
Comments
Hi, do you mind sharing the conflicting Apple JWTs as well as the code you use to handle those JWTs with this library? |
Have you tried Lines 70 to 76 in 5494ca9
|
Yeah. Apple doesn't like the header type at all. It's dumb but it's Apple. |
We had other people using this library and successfully integrating with Apple (though I don't know details). Do you have links to their documentation stating that they expect the header not to be defined? Nevertheless, this library favours explicity. That means ensuring that downstream has an object that is a JWT (not some other types defined by the RFC group). At this point, I don't see a reason for changing the implementation. |
In namespace Lcobucci\JWT\Token\Builder:23, there is the line:
private array $headers = ['typ' => 'JWT', 'alg' => null];
The header typ => JWT is breaking requests with Apple JWT requests (such as APNS or Apple Books API requests).
Can you either (a) make Builder non-final so it can be subclassed and this variable can be easily overwritten or (b) can you remove this header from the default array?
The text was updated successfully, but these errors were encountered: