diff --git a/jwt.go b/jwt.go index b33b3db..9bd4692 100644 --- a/jwt.go +++ b/jwt.go @@ -58,12 +58,13 @@ func (t *Token) Signature() []byte { } // Header representa JWT header data. -// See: https://tools.ietf.org/html/rfc7519#section-5 +// See: https://tools.ietf.org/html/rfc7519#section-5, https://tools.ietf.org/html/rfc7517 // type Header struct { Algorithm Algorithm `json:"alg"` Type string `json:"typ,omitempty"` // only "JWT" can be here ContentType string `json:"cty,omitempty"` + KeyID string `json:"kid,omitempty"` } // MarshalJSON implements the json.Marshaler interface. @@ -80,6 +81,10 @@ func (h *Header) MarshalJSON() ([]byte, error) { buf.WriteString(`","cty":"`) buf.WriteString(h.ContentType) } + if h.KeyID != "" { + buf.WriteString(`","kid":"`) + buf.WriteString(h.KeyID) + } buf.WriteString(`"}`) return buf.Bytes(), nil diff --git a/jwt_test.go b/jwt_test.go index 3a49f05..ff9bbc5 100644 --- a/jwt_test.go +++ b/jwt_test.go @@ -58,6 +58,10 @@ func TestMarshalHeader(t *testing.T) { &Header{Algorithm: RS256, Type: "JwT", ContentType: "token"}, `{"alg":"RS256","typ":"JwT","cty":"token"}`, ) + f( + &Header{Algorithm: RS256, Type: "JwT", ContentType: "token", KeyID: "test"}, + `{"alg":"RS256","typ":"JwT","cty":"token","kid":"test"}`, + ) } func TestSecurePrint(t *testing.T) {