support parsing header as custom type like we support for payload

Author: faogustavo

lib/src/commonMain/kotlin/co/touchlab/kjwt/model/JwtHeader.kt

@@ -22,7 +22,7 @@ import kotlinx.serialization.json.put
 @Serializable(with = JwtHeaderSerializer::class)
 public class JwtHeader internal constructor(
     internal val base64Encoded: String,
-    internal val jsonData: JsonObject,
+    @PublishedApi internal val jsonData: JsonObject,
 ) {
     internal constructor(jsonData: JsonObject) : this(
         base64Encoded = JwtJson.encodeToBase64Url(jsonData),

lib/src/commonMain/kotlin/co/touchlab/kjwt/model/JwtInstance.kt

@@ -20,6 +20,16 @@ public sealed class JwtInstance {
         payload.jsonData
     )
 
+    /**
+     * Deserializes the token header as type [T].
+     *
+     * @return the header deserialized into an instance of [T]
+     */
+    public inline fun <reified T> getHeader(): T = JwtJson.decodeFromJsonElement(
+        kotlinx.serialization.serializer<T>(),
+        header.jsonData
+    )
+
     /** Represents a JWE (encrypted) token with five compact-serialization parts. */
     public class Jwe internal constructor(
         override val header: JwtHeader,

…in/co/touchlab/kjwt/CustomPayloadTest.kt …in/co/touchlab/kjwt/CustomTypeParsing.ktlib/src/commonTest/kotlin/co/touchlab/kjwt/CustomPayloadTest.kt renamed to lib/src/commonTest/kotlin/co/touchlab/kjwt/CustomTypeParsing.kt lib/src/commonTest/kotlin/co/touchlab/kjwt/CustomPayloadTest.kt renamed to lib/src/commonTest/kotlin/co/touchlab/kjwt/CustomTypeParsing.kt

@@ -2,31 +2,38 @@
 
 package co.touchlab.kjwt
 
+import co.touchlab.kjwt.model.JwtHeader
 import co.touchlab.kjwt.model.JwtPayload
 import co.touchlab.kjwt.model.algorithm.EncryptionAlgorithm
 import co.touchlab.kjwt.model.algorithm.EncryptionContentAlgorithm
 import co.touchlab.kjwt.model.algorithm.SigningAlgorithm
 import io.kotest.core.spec.style.FunSpec
 import kotlinx.serialization.SerialName
 import kotlinx.serialization.Serializable
-import kotlinx.serialization.json.JsonObject
 import kotlin.test.assertEquals
 import kotlin.test.assertNull
 import kotlin.time.Clock
 import kotlin.time.Duration.Companion.hours
 
-// ---- Custom payload type used in all tests in this file ----
+// ---- Custom types used in all tests in this file ----
+
+@Serializable
+data class CustomHeader(
+    @SerialName(JwtHeader.ALG) val algorithm: String? = null,
+    @SerialName(JwtHeader.TYP) val type: String? = null,
+    @SerialName("kid") val keyId: String? = null,
+    @SerialName("x-custom") val custom: String? = null,
+)
 
 @Serializable
 data class UserClaims(
     @SerialName(JwtPayload.SUB) val subject: String? = null,
     @SerialName("role") val role: String? = null,
     @SerialName("level") val level: Int? = null,
     @SerialName("exp") val expSeconds: Long? = null,
-    private val jsonData: JsonObject = JsonObject(emptyMap()),
 )
 
-class CustomPayloadTest :
+class CustomTypeParsing :
     FunSpec({
 
         context("JWS") {
@@ -79,6 +86,114 @@ class CustomPayloadTest :
             }
         }
 
+        context("getHeader") {
+
+            test("JWS - deserializes standard header fields into custom type") {
+                val key = hs256Key()
+                val token =
+                    Jwt
+                        .builder()
+                        .subject("user-1")
+                        .signWith(SigningAlgorithm.HS256, key)
+                        .compact()
+
+                val jws =
+                    Jwt
+                        .parser()
+                        .verifyWith(SigningAlgorithm.HS256, key)
+                        .build()
+                        .parseSigned(token)
+
+                val header = jws.getHeader<CustomHeader>()
+                assertEquals("HS256", header.algorithm)
+                assertEquals("JWT", header.type)
+            }
+
+            test("JWS - custom extra header field is deserialized") {
+                val key = hs256Key()
+                val token =
+                    Jwt
+                        .builder()
+                        .subject("user-2")
+                        .header { extra("x-custom", "hello") }
+                        .signWith(SigningAlgorithm.HS256, key)
+                        .compact()
+
+                val jws =
+                    Jwt
+                        .parser()
+                        .verifyWith(SigningAlgorithm.HS256, key)
+                        .build()
+                        .parseSigned(token)
+
+                val header = jws.getHeader<CustomHeader>()
+                assertEquals("hello", header.custom)
+            }
+
+            test("JWS - absent optional header field is null") {
+                val key = hs256Key()
+                val token =
+                    Jwt
+                        .builder()
+                        .subject("user-3")
+                        .signWith(SigningAlgorithm.HS256, key)
+                        .compact()
+
+                val jws =
+                    Jwt
+                        .parser()
+                        .verifyWith(SigningAlgorithm.HS256, key)
+                        .build()
+                        .parseSigned(token)
+
+                val header = jws.getHeader<CustomHeader>()
+                assertNull(header.keyId)
+                assertNull(header.custom)
+            }
+
+            test("JWE - deserializes standard header fields into custom type") {
+                val cek = aesSimpleKey(128)
+                val token =
+                    Jwt
+                        .builder()
+                        .subject("enc-user-1")
+                        .encryptWith(cek, EncryptionAlgorithm.Dir, EncryptionContentAlgorithm.A128GCM)
+                        .compact()
+
+                val jwe =
+                    Jwt
+                        .parser()
+                        .decryptWith(EncryptionAlgorithm.Dir, cek)
+                        .build()
+                        .parseEncrypted(token)
+
+                val header = jwe.getHeader<CustomHeader>()
+                assertEquals("dir", header.algorithm)
+                assertEquals("JWT", header.type)
+            }
+
+            test("JWE - custom extra header field is deserialized") {
+                val cek = aesSimpleKey(128)
+                val token =
+                    Jwt
+                        .builder()
+                        .subject("enc-user-2")
+                        .header { extra("x-custom", "world") }
+                        .encryptWith(cek, EncryptionAlgorithm.Dir, EncryptionContentAlgorithm.A128GCM)
+                        .compact()
+
+                val jwe =
+                    Jwt
+                        .parser()
+                        .decryptWith(EncryptionAlgorithm.Dir, cek)
+                        .build()
+                        .parseEncrypted(token)
+
+                val header = jwe.getHeader<CustomHeader>()
+                assertEquals("world", header.custom)
+            }
+        }
+
         context("JWE") {
 
             test("parse encrypted Jwt custom type direct property access") {