search

golang / oauth2

Go OAuth2
https://golang.org/x/oauth2
BSD 3-Clause "New" or "Revised" License
5.32k stars 980 forks source link

jws: Header.Typ - add json annotation "omitempty" #192

Open ramoas opened 8 years ago

ramoas commented 8 years ago

Quoting from RFC 7515, typ is optional:

It [typ] will typically not be used by applications when the kind of object is already known. This parameter is ignored by JWS implementations; any processing of this parameter is performed by the JWS application. Use of this Header Parameter is OPTIONAL.

Thus, it would be nice to omit it when not set.

ramoas commented 8 years ago

Even in the context of a JWT, use of typ in the JOSE header remains optional. Quoting from RFC 7519:

This parameter is ignored by JWT implementations; any processing of this parameter is performed by the JWT application. If present, it is RECOMMENDED that its value be "JWT" to indicate that this object is a JWT. While media type names are not case sensitive, it is RECOMMENDED that "JWT" always be spelled using uppercase characters for compatibility with legacy implementations. Use of this Header Parameter is OPTIONAL.

matoous commented 3 years ago

This package is meant for internal use only since: https://github.com/golang/oauth2/commit/75e75ddc3d156dc8fc71c6f2ef3607cbdcfc8c27 so I doubt this will be added and I think this issue can be close.