Adding a way to configure token headers (closes #53).

src/Builder.php

@@ -181,6 +181,27 @@ protected function setRegisteredClaim($name, $value, $replicate)
         return $this;
     }
 
+    /**
+     * Configures a header item
+     *
+     * @param string $name
+     * @param mixed $value
+     *
+     * @return Builder
+     *
+     * @throws BadMethodCallException When data has been already signed
+     */
+    public function setHeader($name, $value)
+    {
+        if ($this->signature) {
+            throw new BadMethodCallException('You must unsign before make changes');
+        }
+
+        $this->headers[(string) $name] = $this->claimFactory->create($name, $value);
+
+        return $this;
+    }
+
     /**
      * Configures a claim item
      *

test/functional/EcdsaTokenTest.php

@@ -88,10 +88,12 @@ public function builderCanGenerateAToken()
                               ->setAudience('http://client.abc.com')
                               ->setIssuer('http://api.abc.com')
                               ->set('user', $user)
+                              ->setHeader('jki', '1234')
                               ->sign($this->signer, static::$ecdsaKeys['private'])
                               ->getToken();
 
         $this->assertAttributeInstanceOf(Signature::class, 'signature', $token);
+        $this->assertEquals('1234', $token->getHeader('jki'));
         $this->assertEquals('http://client.abc.com', $token->getClaim('aud'));
         $this->assertEquals('http://api.abc.com', $token->getClaim('iss'));
         $this->assertEquals($user, $token->getClaim('user'));

test/functional/HmacTokenTest.php

@@ -55,10 +55,12 @@ public function builderCanGenerateAToken()
                               ->setAudience('http://client.abc.com')
                               ->setIssuer('http://api.abc.com')
                               ->set('user', $user)
+                              ->setHeader('jki', '1234')
                               ->sign($this->signer, 'testing')
                               ->getToken();
 
         $this->assertAttributeInstanceOf(Signature::class, 'signature', $token);
+        $this->assertEquals('1234', $token->getHeader('jki'));
         $this->assertEquals('http://client.abc.com', $token->getClaim('aud'));
         $this->assertEquals('http://api.abc.com', $token->getClaim('iss'));
         $this->assertEquals($user, $token->getClaim('user'));

test/functional/RsaTokenTest.php

@@ -85,10 +85,12 @@ public function builderCanGenerateAToken()
                               ->setAudience('http://client.abc.com')
                               ->setIssuer('http://api.abc.com')
                               ->set('user', $user)
+                              ->setHeader('jki', '1234')
                               ->sign($this->signer, static::$rsaKeys['private'])
                               ->getToken();
 
         $this->assertAttributeInstanceOf(Signature::class, 'signature', $token);
+        $this->assertEquals('1234', $token->getHeader('jki'));
         $this->assertEquals('http://client.abc.com', $token->getClaim('aud'));
         $this->assertEquals('http://api.abc.com', $token->getClaim('iss'));
         $this->assertEquals($user, $token->getClaim('user'));

test/unit/BuilderTest.php

@@ -497,6 +497,39 @@ public function setMustKeepAFluentInterface()
         $this->assertSame($builder, $builder->set('userId', 2));
     }
 
+    /**
+     * @test
+     *
+     * @uses Lcobucci\JWT\Builder::__construct
+     *
+     * @covers Lcobucci\JWT\Builder::setHeader
+     */
+    public function setHeaderMustConfigureTheGivenClaim()
+    {
+        $builder = $this->createBuilder();
+        $builder->setHeader('userId', 2);
+
+        $this->assertAttributeEquals(
+            ['alg' => 'none', 'typ' => 'JWT', 'userId' => $this->defaultClaim],
+            'headers',
+            $builder
+        );
+    }
+
+    /**
+     * @test
+     *
+     * @uses Lcobucci\JWT\Builder::__construct
+     *
+     * @covers Lcobucci\JWT\Builder::setHeader
+     */
+    public function setHeaderMustKeepAFluentInterface()
+    {
+        $builder = $this->createBuilder();
+
+        $this->assertSame($builder, $builder->setHeader('userId', 2));
+    }
+
     /**
      * @test
      *
@@ -598,6 +631,32 @@ public function setMustRaiseExceptionWhenTokenHasBeenSigned()
         $builder->set('test', 123);
     }
 
+    /**
+     * @test
+     *
+     * @uses Lcobucci\JWT\Builder::__construct
+     * @uses Lcobucci\JWT\Builder::sign
+     * @uses Lcobucci\JWT\Builder::getToken
+     * @uses Lcobucci\JWT\Token
+     *
+     * @covers Lcobucci\JWT\Builder::setHeader
+     *
+     * @expectedException BadMethodCallException
+     */
+    public function setHeaderMustRaiseExceptionWhenTokenHasBeenSigned()
+    {
+        $signer = $this->getMock(Signer::class);
+        $signature = $this->getMock(Signature::class, [], [], '', false);
+
+        $signer->expects($this->any())
+               ->method('sign')
+               ->willReturn($signature);
+
+        $builder = $this->createBuilder();
+        $builder->sign($signer, 'test');
+        $builder->setHeader('test', 123);
+    }
+
     /**
      * @test
      *