Add 'header' ingredient to JWT Sign operation

Expose the 'header' option of the jsonwebtoken module [1] as an ingredient. This allows for adding and overwriting JWT header fields such as 'type' or 'kid'. [1]: https://github.com/auth0/node-jsonwebtoken?tab=readme-ov-file#usage
gchq · Jan 4, 2025 · c30c5bd · c30c5bd
1 parent 3822c6c
commit c30c5bd
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/src/core/operations/JWTSign.mjs b/src/core/operations/JWTSign.mjs
@@ -36,6 +36,11 @@ class JWTSign extends Operation {
                 name: "Signing algorithm",
                 type: "option",
                 value: JWT_ALGORITHMS
+            },
+            {
+                name: "Header",
+                type: "text",
+                value: "{}"
             }
         ];
     }
@@ -46,11 +51,12 @@ class JWTSign extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        const [key, algorithm] = args;
+        const [key, algorithm, header] = args;
 
         try {
             return jwt.sign(input, key, {
-                algorithm: algorithm === "None" ? "none" : algorithm
+                algorithm: algorithm === "None" ? "none" : algorithm,
+                header: JSON.parse(header),
             });
         } catch (err) {
             throw new OperationError(`Error: Have you entered the key correctly? The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.