add header keyId and custom claims support

lbalmaceda · lbalmaceda · commit 6ea25dc3ac6f · 2016-11-14T16:35:01.000-03:00
diff --git a/README.md b/README.md
@@ -143,67 +143,110 @@ JWTVerifier verifier = JWT.require(Algorithm.RSA256(key))
 ```
 
 
-### Registered Claims
+### Header Claims
+
+#### Algorithm ("alg")
+
+Returns the Algorithm value or null if it's not defined in the Header.
+
+```java
+String algorithm = jwt.getAlgorithm();
+```
+
+#### Type ("typ")
+
+Returns the Type value or null if it's not defined in the Header.
+
+```java
+String type = jwt.getType();
+```
+
+#### Content Type ("cty")
+
+Returns the Content Type value or null if it's not defined in the Header.
+
+```java
+String contentType = jwt.getContentType();
+```
+
+#### Key Id ("kid")
+
+Returns the Key Id value or null if it's not defined in the Header.
+
+```java
+String keyId = jwt.getKeyId();
+```
+
+#### Private Claims
+
+Additional Claims defined in the token's Header can be obtained by calling `getHeaderClaim()` and passing the Claim name. A Claim will always be returned, even if it can't be found. You should always check for null values.
+
+```java
+Claim claim = jwt.getHeaderClaim("owner");
+```
+
+
+### Payload Claims
 
 #### Issuer ("iss")
 
-Returns the Issuer value or null if it's not defined.
+Returns the Issuer value or null if it's not defined in the Payload.
 
 ```java
 String issuer = jwt.getIssuer();
 ```
 
 #### Subject ("sub")
 
-Returns the Subject value or null if it's not defined.
+Returns the Subject value or null if it's not defined in the Payload.
 
 ```java
 String subject = jwt.getSubject();
 ```
 
 #### Audience ("aud")
 
-Returns the Audience value in or null if it's not defined.
+Returns the Audience value in or null if it's not defined in the Payload.
 
 ```java
 String[] audience = jwt.getAudience();
 ```
 
 #### Expiration Time ("exp")
 
-Returns the Expiration Time value or null if it's not defined.
+Returns the Expiration Time value or null if it's not defined in the Payload.
 
 ```java
 Date expiresAt = jwt.getExpiresAt();
 ```
 
 #### Not Before ("nbf")
 
-Returns the Not Before value or null if it's not defined.
+Returns the Not Before value or null if it's not defined in the Payload.
 
 ```java
 Date notBefore = jwt.getNotBefore();
 ```
 
 #### Issued At ("iat")
 
-Returns the Issued At value or null if it's not defined.
+Returns the Issued At value or null if it's not defined in the Payload.
 
 ```java
 Date issuedAt = jwt.getIssuedAt();
 ```
 
 #### JWT ID ("jti")
 
-Returns the JWT ID value or null if it's not defined.
+Returns the JWT ID value or null if it's not defined in the Payload.
 
 ```java
 String id = jwt.getId();
 ```
 
-### Private Claims
+#### Private Claims
 
-Additional Claims defined in the token can be obtained by calling `getClaim()` and passing the Claim name. A Claim will always be returned, even if it can't be found. You should always check for null values.
+Additional Claims defined in the token's Payload can be obtained by calling `getClaim()` and passing the Claim name. A Claim will always be returned, even if it can't be found. You should always check for null values.
 
 ```java
 Claim claim = jwt.getClaim("isAdmin");
diff --git a/lib/src/main/java/com/auth0/jwt/JWT.java b/lib/src/main/java/com/auth0/jwt/JWT.java
@@ -91,6 +91,11 @@ public Claim getClaim(String name) {
         return jwt.getClaim(name);
     }
 
+    @Override
+    public Claim getHeaderClaim(String name) {
+        return jwt.getHeaderClaim(name);
+    }
+
     @Override
     public String getAlgorithm() {
         return jwt.getAlgorithm();
@@ -105,4 +110,9 @@ public String getType() {
     public String getContentType() {
         return jwt.getContentType();
     }
+
+    @Override
+    public String getKeyId() {
+        return jwt.getKeyId();
+    }
 }
diff --git a/lib/src/main/java/com/auth0/jwt/JWTDecoder.java b/lib/src/main/java/com/auth0/jwt/JWTDecoder.java
@@ -67,6 +67,16 @@ public String getContentType() {
         return header.getContentType();
     }
 
+    @Override
+    public String getKeyId() {
+        return header.getKeyId();
+    }
+
+    @Override
+    public Claim getHeaderClaim(String name) {
+        return header.getHeaderClaim(name);
+    }
+
     @Override
     public String getIssuer() {
         return payload.getIssuer();
diff --git a/lib/src/main/java/com/auth0/jwt/impl/HeaderImpl.java b/lib/src/main/java/com/auth0/jwt/impl/HeaderImpl.java
@@ -1,5 +1,6 @@
 package com.auth0.jwt.impl;
 
+import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.Header;
 import com.fasterxml.jackson.databind.JsonNode;
 
@@ -38,4 +39,14 @@ public String getType() {
     public String getContentType() {
         return extractClaim(CONTENT_TYPE, tree).asString();
     }
+
+    @Override
+    public String getKeyId() {
+        return extractClaim(KEY_ID, tree).asString();
+    }
+
+    @Override
+    public Claim getHeaderClaim(String name) {
+        return extractClaim(name, tree);
+    }
 }
diff --git a/lib/src/main/java/com/auth0/jwt/impl/PublicClaims.java b/lib/src/main/java/com/auth0/jwt/impl/PublicClaims.java
@@ -7,6 +7,7 @@ public abstract class PublicClaims {
     public static final String ALGORITHM = "alg";
     static final String CONTENT_TYPE = "cty";
     static final String TYPE = "typ";
+    static final String KEY_ID = "kid";
 
     //Payload
     public static final String ISSUER = "iss";
diff --git a/lib/src/main/java/com/auth0/jwt/interfaces/Header.java b/lib/src/main/java/com/auth0/jwt/interfaces/Header.java
@@ -26,4 +26,19 @@ public interface Header {
      */
     String getContentType();
 
+
+    /**
+     * Get the value of the "kid" claim, or null if it's not available.
+     *
+     * @return the Key ID value or null.
+     */
+    String getKeyId();
+
+    /**
+     * Get a Private Claim given it's name. If the Claim wasn't specified in the Header, a BaseClaim will be returned.
+     *
+     * @param name the name of the Claim to retrieve.
+     * @return a non-null Claim.
+     */
+    Claim getHeaderClaim(String name);
 }
diff --git a/lib/src/main/java/com/auth0/jwt/interfaces/Payload.java b/lib/src/main/java/com/auth0/jwt/interfaces/Payload.java
@@ -52,7 +52,7 @@ public interface Payload {
     /**
      * Get the value of the "jti" claim, or null if it's not available.
      *
-     * @return the Payload ID value or null.
+     * @return the JWT ID value or null.
      */
     String getId();
 
diff --git a/lib/src/test/java/com/auth0/jwt/JWTTest.java b/lib/src/test/java/com/auth0/jwt/JWTTest.java
@@ -307,6 +307,30 @@ public void shouldGetType() throws Exception {
         assertThat(jwt.getType(), is("JWS"));
     }
 
+    @Test
+    public void shouldGetKeyId() throws Exception {
+        String token = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtleSJ9.e30.von1Vt9tq9cn5ZYdX1f4cf2EE7fUvb5BCBlKOTm9YWs";
+        JWT jwt = JWT.require(Algorithm.HMAC256("secret"))
+                .build()
+                .verify(token);
+
+        assertThat(jwt, is(notNullValue()));
+        assertThat(jwt.getKeyId(), is("key"));
+    }
+
+    @Test
+    public void shouldGetCustomClaims() throws Exception {
+        String token = "eyJhbGciOiJIUzI1NiIsImlzQWRtaW4iOnRydWV9.eyJpc0FkbWluIjoibm9wZSJ9.YDKBAgUDbh0PkhioDcLNzdQ8c2Gdf_yS6zdEtJQS3F0";
+        JWT jwt = JWT.require(Algorithm.HMAC256("secret"))
+                .build()
+                .verify(token);
+
+        assertThat(jwt, is(notNullValue()));
+        assertThat(jwt.getHeaderClaim("isAdmin"), notNullValue());
+        assertThat(jwt.getHeaderClaim("isAdmin").asBoolean(), is(true));
+        assertThat(jwt.getClaim("isAdmin"), notNullValue());
+        assertThat(jwt.getClaim("isAdmin").asString(), is("nope"));
+    }
 
     // Sign
 
diff --git a/lib/src/test/java/com/auth0/jwt/impl/HeaderImplTest.java b/lib/src/test/java/com/auth0/jwt/impl/HeaderImplTest.java
@@ -9,6 +9,7 @@
 import org.junit.rules.ExpectedException;
 
 import java.util.HashMap;
+import java.util.Map;
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.*;
@@ -178,4 +179,46 @@ public void shouldGetNullContentTypeIfMissing() throws Exception {
         assertThat(header, is(notNullValue()));
         assertThat(header.getContentType(), is(nullValue()));
     }
+
+    @Test
+    public void shouldGetKeyId() throws Exception {
+        JsonNode kidNode = new TextNode("key");
+        HashMap<String, JsonNode> tree = new HashMap<>();
+        tree.put("kid", kidNode);
+        HeaderImpl header = new HeaderImpl(tree);
+
+        assertThat(header, is(notNullValue()));
+        assertThat(header.getKeyId(), is(notNullValue()));
+        assertThat(header.getKeyId(), is("key"));
+    }
+
+    @Test
+    public void shouldGetNullKeyIdIfMissing() throws Exception {
+        HashMap<String, JsonNode> tree = new HashMap<>();
+        HeaderImpl header = new HeaderImpl(tree);
+
+        assertThat(header, is(notNullValue()));
+        assertThat(header.getKeyId(), is(nullValue()));
+    }
+
+    @Test
+    public void shouldGetExtraClaim() throws Exception {
+        Map<String, JsonNode> tree = new HashMap<>();
+        tree.put("extraClaim", new TextNode("extraValue"));
+        HeaderImpl header = new HeaderImpl(tree);
+
+        assertThat(header, is(notNullValue()));
+        assertThat(header.getHeaderClaim("extraClaim"), is(instanceOf(ClaimImpl.class)));
+        assertThat(header.getHeaderClaim("extraClaim").asString(), is("extraValue"));
+    }
+
+    @Test
+    public void shouldGetNotNullExtraClaimIfMissing() throws Exception {
+        Map<String, JsonNode> tree = new HashMap<>();
+        HeaderImpl header = new HeaderImpl(tree);
+
+        assertThat(header, is(notNullValue()));
+        assertThat(header.getHeaderClaim("missing"), is(notNullValue()));
+        assertThat(header.getHeaderClaim("missing"), is(instanceOf(BaseClaim.class)));
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ public interface Payload {`
`52`	`52`	`/**`
`53`	`53`	`* Get the value of the "jti" claim, or null if it's not available.`
`54`	`54`	`*`
`55`		`- * @return the Payload ID value or null.`
	`55`	`+ * @return the JWT ID value or null.`
`56`	`56`	`*/`
`57`	`57`	`String getId();`
`58`	`58`