Change DPOP to not make KID required.

Author: Potherca

src/Utils/DPop.php

@@ -87,18 +87,20 @@ public function getWebId($request) {
 	 * @throws RequiredConstraintsViolated
 	 */
 	public function getDpopKey($dpop, $request) {
+		$kid = '';
+
 		$this->validateDpop($dpop, $request);
 
 		// 1.  the string value is a well-formed JWT,
 		$jwtConfig = Configuration::forUnsecuredSigner();
 		$dpop = $jwtConfig->parser()->parse($dpop);
 		$jwk  = $dpop->headers()->get("jwk");
 
-		if (isset($jwk['kid']) === false) {
-			throw new InvalidTokenException('Key ID is missing from JWK header');
+		if (isset($jwk['kid'])) {
+			$kid = $jwk['kid'];
 		}
 
-		return $jwk['kid'];
+		return $kid;
 	}
 
 	private function validateJwtDpop($jwt, $dpopKey) {

tests/unit/Utils/DPOPTest.php

@@ -311,7 +311,7 @@ final public function testGetWebIdWithoutDpop(): void
     }
 
     /**
-     * @testdox Dpop SHOULD complain WHEN asked to get WebId from Request with valid DPOP without JWT Key Id
+     * @testdox Dpop SHOULD return given "sub" WHEN asked to get WebId from Request with valid DPOP without JWT Key Id
      *
      * @covers ::getWebId
      *
@@ -340,10 +340,10 @@ final public function testGetWebIdWithDpopWithoutKeyId(): void
             'HTTP_DPOP' => $token['token'],
         ),array(), $this->url);
 
-        $this->expectException(InvalidTokenException::class);
-        $this->expectExceptionMessage('Key ID is missing from JWK header');
+        $actual = $dpop->getWebId($request);
+        $expected = 'mock sub';
 
-        $dpop->getWebId($request);
+        $this->assertEquals($expected, $actual);
     }
 
     /**