From 9a45d830bf1fe1bc1a1c7a4ba7fff28d8f170b90 Mon Sep 17 00:00:00 2001
From: StephanEggermont <stephan@stack.nl>
Date: Tue, 19 Aug 2025 14:03:52 +0200
Subject: [PATCH 1/2] Make the JOSE and subclass header properties accessible
 via #at: and #at:put: Add kid property directly to JOSEHeader. Add notBefore
 and jwtId claim names to JWTClaimsSet

---
 source/JSONWebToken-Core/JOSEHeader.class.st  | 21 +++++++++
 .../JSONWebToken-Core/JWTClaimsSet.class.st   | 43 +++++++++++++++++++
 2 files changed, 64 insertions(+)

diff --git a/source/JSONWebToken-Core/JOSEHeader.class.st b/source/JSONWebToken-Core/JOSEHeader.class.st
index 516ce2f..b46beee 100644
--- a/source/JSONWebToken-Core/JOSEHeader.class.st
+++ b/source/JSONWebToken-Core/JOSEHeader.class.st
@@ -26,6 +26,16 @@ JOSEHeader >> = aHeader [
 	^ aHeader hasSameElements: properties
 ]
 
+{ #category : 'accessing' }
+JOSEHeader >> at: aKey [
+	^ properties at: aKey
+]
+
+{ #category : 'accessing' }
+JOSEHeader >> at: aKey put: aValue [
+	properties at: aKey put: aValue
+]
+
 { #category : 'testing' }
 JOSEHeader >> hasSameElements: aDictionary [
 	^ (properties difference: aDictionary) isEmpty
@@ -36,6 +46,17 @@ JOSEHeader >> hash [
 	^ properties hash
 ]
 
+{ #category : 'accessing' }
+JOSEHeader >> kid [
+"Public Key ID"
+	^ properties at: 'kid'
+]
+
+{ #category : 'accessing' }
+JOSEHeader >> kid: anObject [
+	properties at: 'kid' put: anObject
+]
+
 { #category : 'accessing' }
 JOSEHeader >> typ [
 	^ self type
diff --git a/source/JSONWebToken-Core/JWTClaimsSet.class.st b/source/JSONWebToken-Core/JWTClaimsSet.class.st
index 38546c3..f2db5e7 100644
--- a/source/JSONWebToken-Core/JWTClaimsSet.class.st
+++ b/source/JSONWebToken-Core/JWTClaimsSet.class.st
@@ -1,5 +1,8 @@
 "
 A set of specific claims
+
+The registered claim names are: iss, sub, aud, exp, nbf, iat, jti
+None of the claims defined are intended to be mandatory to use or implement in all cases, but rather they provide a starting point for a set of useful, interoperable claims.
 "
 Class {
 	#name : 'JWTClaimsSet',
@@ -191,11 +194,41 @@ JWTClaimsSet >> issuer: anObject [
 	self iss: anObject
 ]
 
+{ #category : 'accessing' }
+JWTClaimsSet >> jti [
+	^ self at: 'jti'
+]
+
+{ #category : 'accessing' }
+JWTClaimsSet >> jti: aString [
+	self at: 'jti' put: aString
+]
+
+{ #category : 'accessing' }
+JWTClaimsSet >> jwtId [
+	^ self jti
+]
+
+{ #category : 'accessing' }
+JWTClaimsSet >> jwtId: aString [
+	self jti: aString
+]
+
 { #category : 'accessing' }
 JWTClaimsSet >> mimeType [
 	^ 'JWT'
 ]
 
+{ #category : 'accessing' }
+JWTClaimsSet >> nbf [
+	^ self at: 'nbf'
+]
+
+{ #category : 'accessing' }
+JWTClaimsSet >> nbf: aString [
+	self at: 'nbf' put: aString
+]
+
 { #category : 'accessing' }
 JWTClaimsSet >> nonce [
 	^ self at: 'nonce'
@@ -206,6 +239,16 @@ JWTClaimsSet >> nonce: anObject [
 	self at: 'nonce' put: anObject
 ]
 
+{ #category : 'accessing' }
+JWTClaimsSet >> notBefore [
+	^ self nbf
+]
+
+{ #category : 'accessing' }
+JWTClaimsSet >> notBefore: aString [
+	self nbf: aString
+]
+
 { #category : 'accessing' }
 JWTClaimsSet >> setClaims: aCollection [
 	claims := aCollection

From 9b255fa81d3ba45165b92eec0712971da8917e06 Mon Sep 17 00:00:00 2001
From: Norbert Hartl <norbert@2denker.de>
Date: Tue, 19 Aug 2025 16:13:36 +0200
Subject: [PATCH 2/2] added lenient way of access to headers as well

---
 source/JSONWebToken-Core/JOSEHeader.class.st  | 28 +++++++++++++++++--
 .../JSONWebToken-Core/JWTClaimsSet.class.st   |  2 +-
 2 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/source/JSONWebToken-Core/JOSEHeader.class.st b/source/JSONWebToken-Core/JOSEHeader.class.st
index b46beee..9c3a4d1 100644
--- a/source/JSONWebToken-Core/JOSEHeader.class.st
+++ b/source/JSONWebToken-Core/JOSEHeader.class.st
@@ -5,7 +5,8 @@ Class {
 	#name : 'JOSEHeader',
 	#superclass : 'Object',
 	#instVars : [
-		'properties'
+		'properties',
+		'strict'
 	],
 	#category : 'JSONWebToken-Core-Headers',
 	#package : 'JSONWebToken-Core',
@@ -27,8 +28,11 @@ JOSEHeader >> = aHeader [
 ]
 
 { #category : 'accessing' }
-JOSEHeader >> at: aKey [
-	^ properties at: aKey
+JOSEHeader >> at: aString [
+
+	^ strict
+		  ifTrue: [ properties at: aString ]
+		  ifFalse: [ properties at: aString ifAbsent: nil ]
 ]
 
 { #category : 'accessing' }
@@ -36,6 +40,18 @@ JOSEHeader >> at: aKey put: aValue [
 	properties at: aKey put: aValue
 ]
 
+{ #category : 'initialization' }
+JOSEHeader >> beLenient [
+
+	strict := false
+]
+
+{ #category : 'initialization' }
+JOSEHeader >> beStrict [
+
+	strict := true
+]
+
 { #category : 'testing' }
 JOSEHeader >> hasSameElements: aDictionary [
 	^ (properties difference: aDictionary) isEmpty
@@ -46,6 +62,12 @@ JOSEHeader >> hash [
 	^ properties hash
 ]
 
+{ #category : 'initialization' }
+JOSEHeader >> initialize [ 
+	super initialize.
+	strict := true
+]
+
 { #category : 'accessing' }
 JOSEHeader >> kid [
 "Public Key ID"
diff --git a/source/JSONWebToken-Core/JWTClaimsSet.class.st b/source/JSONWebToken-Core/JWTClaimsSet.class.st
index f2db5e7..1439386 100644
--- a/source/JSONWebToken-Core/JWTClaimsSet.class.st
+++ b/source/JSONWebToken-Core/JWTClaimsSet.class.st
@@ -32,7 +32,7 @@ JWTClaimsSet >> at: aString [
 
 	^ strict
 		  ifTrue: [ claims at: aString ]
-		  ifFalse: [ claims at: aString ifAbsent: [  ] ]
+		  ifFalse: [ claims at: aString ifAbsent: nil ]
 ]
 
 { #category : 'accessing - basic' }