diff --git a/packages/backend/src/tokens/jwt/signJwt.test.ts b/packages/backend/src/tokens/jwt/signJwt.test.ts index 9919f5ae65..fa193d55ce 100644 --- a/packages/backend/src/tokens/jwt/signJwt.test.ts +++ b/packages/backend/src/tokens/jwt/signJwt.test.ts @@ -8,9 +8,8 @@ import { publicJwks, signingJwks, } from '../fixtures'; -import { hasValidSignature } from './hasValidSignature'; import { __unstable__signJwt } from './signJwt'; -import { decodeJwt } from './verifyJwt'; +import { decodeJwt, hasValidSignature } from './verifyJwt'; export default (QUnit: QUnit) => { const { module, test } = QUnit; diff --git a/packages/backend/src/tokens/jwt/signJwt.ts b/packages/backend/src/tokens/jwt/signJwt.ts index 5729c8faa1..985851d01e 100644 --- a/packages/backend/src/tokens/jwt/signJwt.ts +++ b/packages/backend/src/tokens/jwt/signJwt.ts @@ -31,7 +31,9 @@ export async function __unstable__signJwt( const cryptoKey = await importKey(secret, algorithm, 'sign'); const header = options.header || { typ: 'JWT' }; + header.alg = options.algorithm; + payload.iat = Math.floor(Date.now() / 1000); const encodedHeader = encodeJwtData(header); const encodedPayload = encodeJwtData(payload);