Closed alzrck closed 2 years ago
sorry, my mistake on last note, deleted to avoid confusion.
What is the header you're referring to, any chance you can share some code snippet or link so we can better understand?
The smallest reproducible example would help us here..
for sure. im working with something called stir and shaken (specs: atis100082, atis100074, atis 100085 and the rfc's referenced from those documents, 8224, 8225,8226,7519, and others) One thing stir and shaken does is to use the ability to extend the passport token (a jwt) and this extension (at least part of it) is done in the Header. This is an example of this header for non-diverted call scenarios (atis100082)
{ "alg": "ES256", "typ": "passport", "ppt": "shaken", "x5u": "https://cert.example.org/passport.crt"}
for diverted/re routed calls (atis100085) header is
{"alg":"ES256","ppt":"div","typ":"passport","x5u":"https://cert.example2.net/passport.cer"}
So had the need to put extra headers manually, i modified the token.go to create a new method to allow this (maybe is not the better way but it works :) )
func NewWithClaimsAndHeaders(method SigningMethod, claims Claims, headers map[string]interface{}) *Token {
customHeader := make(map[string]interface{})
customHeader["typ"] = "JWT"
customHeader["alg"] = method.Alg()
for k, v := range headers {
if k != "alg" {
customHeader[k] = v
}
}
return &Token{
Header: customHeader,
Claims: claims,
Method: method,
}
}
BR
You can just use jwt.NewWithClaims
to retrieve a Token
object and just modify the Header
of it before signing it with SignedString
.
You can see an example here https://github.com/oxisto/oauth2go/blob/b135c891f36ea062cb72a9f8d34a7900e0bf3783/server_test.go#L61-L66
great!! thanks, that helped.
Hello, im trying jwt-go and found no way to modify header claims. Is there a way that im missing or i need to modify the code to accept it?
If you dont mind i can provide the diff after the change.
thanks in advance, BR