From b5b711fd6ee5638552a29a0c39003aeb109caa94 Mon Sep 17 00:00:00 2001
From: Maxim-Inv <anisimov.m@gmail.com>
Date: Thu, 25 Jun 2020 21:10:34 +0300
Subject: [PATCH] Add typ, cty fields in the JWT header (#27)

* Missing typ field in the header #5

Add `typ` header as parameter making "JWT" the default.

* Add missing typ, cty fields in the header

* Update JWTSigner.swift

* minor fix

Co-authored-by: Lukas Kasakaitis <39021703+lukaskasa@users.noreply.github.com>
Co-authored-by: Maxim Anisimov <maxim@invoodoo.com>
---
 Sources/JWTKit/JWTSerializer.swift     | 6 +++++-
 Sources/JWTKit/Signing/JWTSigner.swift | 5 +++--
 Tests/JWTKitTests/JWTKitTests.swift    | 2 +-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/Sources/JWTKit/JWTSerializer.swift b/Sources/JWTKit/JWTSerializer.swift
index 5df812e8..d6a3c24f 100644
--- a/Sources/JWTKit/JWTSerializer.swift
+++ b/Sources/JWTKit/JWTSerializer.swift
@@ -4,7 +4,9 @@ struct JWTSerializer {
     func sign<Payload>(
         _ payload: Payload,
         using signer: JWTSigner,
-        kid: JWKIdentifier? = nil
+        typ: String = "JWT",
+        kid: JWKIdentifier? = nil,
+        cty: String? = nil
     ) throws -> String
         where Payload: JWTPayload
     {
@@ -14,6 +16,8 @@ struct JWTSerializer {
         // encode header, copying header struct to mutate alg
         var header = JWTHeader()
         header.kid = kid
+        header.typ = typ
+        header.cty = cty
         header.alg = signer.algorithm.name
 
         let headerData = try jsonEncoder.encode(header)
diff --git a/Sources/JWTKit/Signing/JWTSigner.swift b/Sources/JWTKit/Signing/JWTSigner.swift
index 7687d80e..b858a698 100644
--- a/Sources/JWTKit/Signing/JWTSigner.swift
+++ b/Sources/JWTKit/Signing/JWTSigner.swift
@@ -7,11 +7,12 @@ public final class JWTSigner {
     }
 
     public func sign<Payload>(
-        _ payload: Payload
+        _ payload: Payload,
+        cty: String? = nil
     ) throws -> String
         where Payload: JWTPayload
     {
-        try JWTSerializer().sign(payload, using: self, kid: nil)
+        try JWTSerializer().sign(payload, using: self, kid: nil, cty: cty)
     }
 
     public func unverified<Payload>(
diff --git a/Tests/JWTKitTests/JWTKitTests.swift b/Tests/JWTKitTests/JWTKitTests.swift
index b3e70bed..772591f9 100644
--- a/Tests/JWTKitTests/JWTKitTests.swift
+++ b/Tests/JWTKitTests/JWTKitTests.swift
@@ -40,7 +40,7 @@ class JWTKitTests: XCTestCase {
         let exp = ExpirationClaim(value: Date(timeIntervalSince1970: 2_000_000_000))
         let jwt = try JWTSigner.hs256(key: "secret".bytes)
             .sign(ExpirationPayload(exp: exp))
-        XCTAssertEqual(jwt, "eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjIwMDAwMDAwMDB9.4W6egHvMSp9bBiGUnE7WhVfXazOfg-ADcjvIYILgyPU")
+        XCTAssertEqual(jwt, "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjIwMDAwMDAwMDB9.JgCO_GqUQnbS0z2hCxJLE9Tpt5SMoZObHBxzGBWuTYQ")
     }
 
     func testSigners() throws {