using crit option to require payload

[vrseraphin]

Describe the bug

JWT.verify fails with errors indicating critical claims are missing even when the claim names are passed within the crit attribute of the options object. These claims are indeed there in the "payload". The library at present seems to be looking for these only within the header portion.

The specific issue is within jwsVerify and the call into the validateCrit
josetest2.zip

To Reproduce

Steps to reproduce the behaviour:

Expected behaviour
A clear and concise description of what you expected to happen.
I expect the JWT to be successfully validated with the identified critical claims are within the payload rather than the header.

Environment:

• jose version: [e.g. v1.0.0]
• node version: [e.g. v12.0.0]

Additional context
Add any other context about the problem here.

• [x ] the bug is happening on latest jose too.
• i have searched the issues tracker on github for similar issues and couldn't find anything related.

[panva]

@vrseraphin the crit option is for specifications extending how a payload is being processed through requiring JOSE Header fields and its attached change of processing. Such an extension is the b64 header from rfc7797

Also the docs are clear on this

crit: string[] Array of Critical Header Parameter names to recognize.

Its use is limited to acknowledging an extension may be used in a given context, it is not intended for requiring certain claims to be present in the payload - as a matter of fact

Its value is an array listing the Header Parameter names present in the JOSE Header that use those extensions. If any of the listed extension Header Parameters are not understood and supported by the recipient, then the JWS is invalid. Producers MUST NOT include Header Parameter names defined by this specification or [JWA] for use with JWS, duplicate names, or names that do not occur as Header Parameter names within the JOSE Header in the "crit" list.

In other words you’re not using neither the crit header parameter not the option right.