Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow the typ header field to have values other than JWT #277

Open
errhammr opened this issue Jul 16, 2023 · 1 comment
Open

Allow the typ header field to have values other than JWT #277

errhammr opened this issue Jul 16, 2023 · 1 comment
Labels
blocked

Comments

@errhammr
Copy link

Summary

The command line interface of jwt-cli alows the typ header field to be specified. The only value it accepts is JWT, though.

There are specifications that recommend or require the typ header field to be something other than JWT. For testing and debugging things using these tokens it would be convenient if jwt-cli allowed the typ header value to be set to a custom value.

Examples:

the "typ" value used SHOULD be "secevent+jwt".

For the PASSporT, the "typ" header MUST be the string "passport".

Steps to reproduce

$ jwt encode --secret @private-key.pem --alg ES256 --iss=demo --typ='secevent+jwt' 
error: invalid value 'secevent+jwt' for '--typ <type>'
  [possible values: jwt]

For more information, try '--help'.

Expected behavior

jwt-cli emits a JWT with the typ header field containing the value given in the --typ command line argument.
@mike-engel
Copy link
Owner

Thanks for the suggestion @errhammr! Unfortunately jsonwebtoken forces the value to be JWT. It would have to be fixed there before I could change it in this tool

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mike-engel @errhammr