fix: use CWT tag per default

examples/generate.ts

@@ -7,8 +7,7 @@ async function main() {
         '403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388',
         'hex'
       )
-    },
-    expectCwtTag: true
+    }
   });
   const base64encoded = await generator.generate(
     {

src/cat.test.ts

@@ -32,10 +32,10 @@
       ),
       kid: 'Symmetric256'
     };
-    await cat.mac(key, 'HS256', { addCwtTag: true });
+    await cat.mac(key, 'HS256');
     expect(cat.raw).toBeDefined();
     const macHex = cat.raw?.toString('hex');
     const token = Buffer.from(macHex!, 'hex');
     const newCat = new CommonAccessToken({});
     await newCat.parse(token, key, { expectCwtTag: true });
     expect(newCat.claims).toEqual(claims);
@@ -61,7 +61,7 @@
     };
     await cat.sign(signKey, 'ES256');
     const signedHex = cat.raw?.toString('hex');
     const token = Buffer.from(signedHex!, 'hex');
     const verifyKey = {
       x: Buffer.from(
         '143329cce7868e416927599cf65a34f3ce2ffda55a7eca69ed8919a394d42f0f',

src/cat.ts

@@ -147,16 +147,16 @@
  * Common Access Token Claims
  */
 export type CommonAccessTokenClaims = {
   [key: string]: string | number | Map<number | string, any>;
 };
 export type CommonAccessTokenDict = {
   [key: string]: string | number | { [key: string]: any };
 };
 export type CommonAccessTokenValue =
   | string
   | number
   | Buffer
   | Map<number | string, any>;
 
 /**
  * CWT Encryption Key
@@ -208,14 +208,14 @@
   for (const param in dict) {
     const key = claimsToLabels[param] ? claimsToLabels[param] : parseInt(param);
     if (key === claimsToLabels['catu'] && !(dict[param] instanceof Map)) {
       map.set(key, CommonAccessTokenUri.fromDict(dict[param] as any).payload);
     } else if (
       key === claimsToLabels['catr'] &&
       !(dict[param] instanceof Map)
     ) {
       map.set(
         key,
         CommonAccessTokenRenewal.fromDict(dict[param] as any).payload
       );
     } else if (
       key === claimsToLabels['cath'] &&
@@ -223,7 +223,7 @@
     ) {
       map.set(
         key,
         CommonAccessTokenHeader.fromDict(dict[param] as any).payload
       );
     } else if (
       key === claimsToLabels['catif'] &&
@@ -310,7 +310,7 @@
      * Options
      */
     opts?: {
-      addCwtTag: boolean;
+      noCwtTag: boolean;
     }
   ): Promise<void> {
     const headers = {
@@ -320,7 +320,7 @@
     const recipient = {
       key: key.k
     };
-    if (opts?.addCwtTag) {
+    if (!opts?.noCwtTag) {
       const plaintext = cbor.encode(this.payload);
       const coseMessage = await cose.mac.create(
         headers,

src/index.ts

@@ -234,7 +234,7 @@ export class CAT {
         throw new Error('Key not found');
       }
       await cat.mac({ k: key, kid: opts.kid }, opts.alg, {
-        addCwtTag: this.expectCwtTag
+        noCwtTag: !this.expectCwtTag
       });
       if (!cat.raw) {
         throw new Error('Failed to MAC token');
@@ -290,7 +290,7 @@ export class CAT {
         throw new Error('Key not found');
       }
       await cat.mac({ k: key, kid: opts.kid }, opts.alg, {
-        addCwtTag: this.expectCwtTag
+        noCwtTag: !this.expectCwtTag
       });
       if (!cat.raw) {
         throw new Error('Failed to MAC token');
@@ -324,7 +324,7 @@ export class CAT {
       throw new KeyNotFoundError();
     }
     await newCat.mac({ k: key, kid: opts.kid }, opts.alg, {
-      addCwtTag: this.expectCwtTag
+      noCwtTag: !this.expectCwtTag
     });
     if (!newCat.raw) {
       throw new Error('Failed to MAC token');

src/validators/http.ts

@@ -386,8 +386,7 @@ export class HttpValidator {
               }
               await newCat.mac(
                 { kid: keyid, k: this.keys[keyid] },
-                this.opts.alg || 'HS256',
-                { addCwtTag: true }
+                this.opts.alg || 'HS256'
               );
               const newToken = toBase64NoPadding(newCat.raw!);
               const encodedToken = encodeURIComponent(newToken!);