Skip to content

Commit

Permalink
Revert "allow type header to be omitted when parsing JWT strings"
Browse files Browse the repository at this point in the history 
This reverts commit 5d98e91.
  • Loading branch information
nefilim committed Jan 17, 2023
1 parent 5d98e91 commit 4c3db4b
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 33 deletions.
7 changes: 2 additions & 5 deletions core/src/main/kotlin/io/github/nefilim/kjwt/JWT.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ fun String?.toJWTKeyID(): JWTKeyID? = this?.let { JWTKeyID(it)}
@Serializable
data class JOSEHeader<T: JWSAlgorithm>(
@SerialName("alg") @Serializable(JWSAlgorithmSerializer::class) val algorithm: T,
@SerialName("typ") @Serializable(JOSETypeSerializer::class) val type: JOSEType? = null,
@SerialName("typ") @Serializable(JOSETypeSerializer::class) val type: JOSEType,
@SerialName("kid") val keyID: JWTKeyID? = null,
) {
fun toJSON(): String {
Expand Down Expand Up @@ -104,7 +104,6 @@ class JWT<T: JWSAlgorithm> private constructor(
prettyPrint = true
}

internal fun es256WithoutTypeHeader(claims: JWTClaimSetBuilder.() -> Unit): JWT<JWSES256Algorithm> = buildJWT(JOSEHeader(JWSES256Algorithm), claims)
fun es256(keyID: JWTKeyID? = null, claims: JWTClaimSetBuilder.() -> Unit): JWT<JWSES256Algorithm> = buildJWT(JOSEHeader(JWSES256Algorithm, JOSEType.JWT, keyID), claims)
fun es256k(keyID: JWTKeyID? = null, claims: JWTClaimSetBuilder.() -> Unit): JWT<JWSES256KAlgorithm> = buildJWT(JOSEHeader(JWSES256KAlgorithm, JOSEType.JWT, keyID), claims)
fun es384(keyID: JWTKeyID? = null, claims: JWTClaimSetBuilder.() -> Unit): JWT<JWSES384Algorithm> = buildJWT(JOSEHeader(JWSES384Algorithm, JOSEType.JWT, keyID), claims)
Expand Down Expand Up @@ -132,9 +131,7 @@ class JWT<T: JWSAlgorithm> private constructor(

val h = Either.catch {
format.decodeFromString(JOSEHeader.serializer(PolymorphicSerializer(JWSAlgorithm::class)), jwtDecodeString(parts[0]))
}.mapLeft {
println(it)
KJWTVerificationError.AlgorithmMismatch }.bind()
}.mapLeft { KJWTVerificationError.AlgorithmMismatch }.bind()
val claims = Either.catch { format.parseToJsonElement(jwtDecodeString(parts[1])) }.mapLeft { KJWTVerificationError.InvalidJWT }.bind()
val claimsMap = Either.catch { (claims as JsonObject) }.mapLeft { KJWTVerificationError.EmptyClaims }.bind()

Expand Down
28 changes: 0 additions & 28 deletions core/src/test/kotlin/io/github/nefilim/kjwt/JWTSpec.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ import io.github.nefilim.kjwt.ClaimsVerification.requiredOptionClaim
import io.github.nefilim.kjwt.ClaimsVerification.subject
import io.github.nefilim.kjwt.ClaimsVerification.validateClaims
import io.github.nefilim.kjwt.JWT.Companion.es256
import io.github.nefilim.kjwt.JWT.Companion.es256WithoutTypeHeader
import io.github.nefilim.kjwt.JWT.Companion.es256k
import io.github.nefilim.kjwt.JWT.Companion.es384
import io.github.nefilim.kjwt.JWT.Companion.es512
Expand Down Expand Up @@ -137,33 +136,6 @@ class JWTSpec: WordSpec() {
}
}

"decode JWT with missing type header" {
val rawJWT = es256WithoutTypeHeader {
subject("1234567890")
issuedAt(LocalDateTime.ofInstant(Instant.ofEpochSecond(1516239022), ZoneId.of("UTC")))
}
// create a token with a spec violating lowercase type of "jwt"
val jwtString = listOf(
"""
{
"alg": "${rawJWT.header.algorithm.headerID}"
}
""".trimIndent(),
"""
{
"sub": "${rawJWT.subject().getOrElse { "" }}",
"iat": ${rawJWT.issuedAt().map { it.toEpochSecond(ZoneOffset.UTC) }.getOrElse { 0 }}
}
""".trimIndent()
).joinToString(".") {
jwtEncodeBytes(it.toByteArray(Charsets.UTF_8))
}
JWT.decode(jwtString).shouldBeRight().also {
it.parts.size shouldBe 2
it.jwt shouldBe rawJWT
}
}

"support arbitrary JSON claim values" {
val thelist = listOf("tagA", "tagB", "tagC")
val rawJWT = es256 {
Expand Down

0 comments on commit 4c3db4b

Please sign in to comment.