Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JsonWebToken exposes Header Claims #3170

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

JsonWebToken exposes Header Claims #3170

wants to merge 1 commit into from

Conversation

keegan-caruso
Copy link
Contributor

JsonWebToken exposes Header Claims

The JsonWebToken should provide an API that allows access to the JWT header keys, values, and claim value types, this is done already through the Claim type.

Fixes #3164

@keegan-caruso keegan-caruso requested a review from a team as a code owner March 12, 2025 20:32
@keegan-caruso keegan-caruso requested review from Copilot and GeoK March 12, 2025 20:32
Copilot
Copilot AI reviewed Mar 12, 2025
View reviewed changes

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request exposes the JWT header claims by adding an API to retrieve the header claims as a list of Claim objects. It also adds tests to ensure that the default header claims ("alg", "typ", and "kid") are present.

  • Added a new property HeaderClaims to return header claims.
  • Introduced a test case verifying the header claims count and content.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenTests.cs Added test verifying the HeaderClaims API returns default claims.
src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs Added the HeaderClaims property to expose JWT header claims.
@github-actions GitHub Actions
Copy link

Summary

Summary
Generated on: 3/12/2025 - 8:47:18 PM
Coverage date: 3/12/2025 - 8:36:37 PM - 3/12/2025 - 8:46:52 PM
Parser: MultiReport (60x Cobertura)
Assemblies: 1
Classes: 7
Files: 2
Line coverage: 80.3% (620 of 772)
Covered lines: 620
Uncovered lines: 152
Coverable lines: 772
Total lines: 483
Branch coverage: 67.8% (228 of 336)
Covered branches: 228
Total branches: 336
Method coverage: Feature is only available for sponsors

Coverage

Microsoft.IdentityModel.JsonWebTokens - 80.3%
Name Line Branch
Microsoft.IdentityModel.JsonWebTokens 80.3% 67.8%
Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities 100%
System.Text.RegularExpressions.Generated 80.3% 67.8%
System.Text.RegularExpressions.Generated 80.3% 67.8%
System.Text.RegularExpressions.Generated.<RegexGenerator_g>F12A1AEDDDFE32BA
DF4DBFF323AF1BCB48B9F9721B7CD3E05F5E034CF225E3DF8__CreateJweRegex_1		 79.2% 68%
System.Text.RegularExpressions.Generated.<RegexGenerator_g>F12A1AEDDDFE32BA
DF4DBFF323AF1BCB48B9F9721B7CD3E05F5E034CF225E3DF8__CreateJwsRegex_0		 81.4% 67.6%
System.Text.RegularExpressions.Generated.<RegexGenerator_g>F334844C618E00D3
CEC5D3FE0D00CF0141BBEE98635313BB2CB8D3921464CE05A__CreateJweRegex_1		 79.2% 68%
System.Text.RegularExpressions.Generated.<RegexGenerator_g>F334844C618E00D3
CEC5D3FE0D00CF0141BBEE98635313BB2CB8D3921464CE05A__CreateJwsRegex_0		 81.4% 67.6%

keegan-caruso
keegan-caruso commented Mar 12, 2025
View reviewed changes
src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
/// A <see cref="Claim"/> requires each value to be represented as a string. If the value was not a string, then <see cref="Claim.Type"/> contains the json type.
/// <see cref="JsonClaimValueTypes"/> and <see cref="ClaimValueTypes"/> to determine the json type.
/// </remarks>
public IReadOnlyList<Claim> HeaderClaims => Header.Claims(Issuer ?? ClaimsIdentity.DefaultIssuer);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternatives: Only expose header names, and then call GetHeaderValue(key) with each key from the header names, or reparse the encoded header

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@GeoK GeoK Awaiting requested review from GeoK

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature Request] JsonWebToken should expose more information about headers
1 participant
@keegan-caruso