AJ ONeal 4 years ago
parent
commit
016d87b839
  1. 14
      keypairs.js

14
keypairs.js

@ -218,7 +218,7 @@ Keypairs.signJwt = function (opts) {
var claims = JSON.parse(JSON.stringify(opts.claims || {})); var claims = JSON.parse(JSON.stringify(opts.claims || {}));
header.typ = 'JWT'; header.typ = 'JWT';
if (!header.kid && false !== header.kid) { if (!header.kid && !header.jwk && false !== header.kid) {
header.kid = thumb; header.kid = thumb;
} }
if (!header.alg && opts.alg) { if (!header.alg && opts.alg) {
@ -294,11 +294,15 @@ Keypairs.signJws = function (opts) {
if (!protect.alg) { if (!protect.alg) {
protect.alg = alg(); protect.alg = alg();
} }
// There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid // There's a particular request where ACME / Let's Encrypt explicitly doesn't use a kid
if (false === protect.kid) { // There should be a kid unless it's `false` or there's a `jwk` (a self-signed JWS)
protect.kid = undefined; if (!protect.kid) {
} else if (!protect.kid) { if (false === protect.kid) {
protect.kid = thumb; protect.kid = undefined;
} else if (!protect.jwk) {
protect.kid = thumb;
}
} }
protectedHeader = JSON.stringify(protect); protectedHeader = JSON.stringify(protect);
} }

Loading…
Cancel
Save