refactor: add explicit return types everywhere

src/jwe/compact/encrypt.ts

@@ -38,7 +38,7 @@ export class CompactEncrypt {
    *
    * @param cek JWE Content Encryption Key.
    */
-  setContentEncryptionKey(cek: Uint8Array) {
+  setContentEncryptionKey(cek: Uint8Array): this {
     this._flattened.setContentEncryptionKey(cek)
     return this
   }
@@ -52,7 +52,7 @@ export class CompactEncrypt {
    *
    * @param iv JWE Initialization Vector.
    */
-  setInitializationVector(iv: Uint8Array) {
+  setInitializationVector(iv: Uint8Array): this {
     this._flattened.setInitializationVector(iv)
     return this
   }
@@ -62,7 +62,7 @@ export class CompactEncrypt {
    *
    * @param protectedHeader JWE Protected Header object.
    */
-  setProtectedHeader(protectedHeader: CompactJWEHeaderParameters) {
+  setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this {
     this._flattened.setProtectedHeader(protectedHeader)
     return this
   }
@@ -74,7 +74,7 @@ export class CompactEncrypt {
    *
    * @param parameters JWE Key Management parameters.
    */
-  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters) {
+  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this {
     this._flattened.setKeyManagementParameters(parameters)
     return this
   }

src/jwe/flattened/encrypt.ts

@@ -66,7 +66,7 @@ export class FlattenedEncrypt {
    *
    * @param parameters JWE Key Management parameters.
    */
-  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters) {
+  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this {
     if (this._keyManagementParameters) {
       throw new TypeError('setKeyManagementParameters can only be called once')
     }
@@ -79,7 +79,7 @@ export class FlattenedEncrypt {
    *
    * @param protectedHeader JWE Protected Header.
    */
-  setProtectedHeader(protectedHeader: JWEHeaderParameters) {
+  setProtectedHeader(protectedHeader: JWEHeaderParameters): this {
     if (this._protectedHeader) {
       throw new TypeError('setProtectedHeader can only be called once')
     }
@@ -92,7 +92,7 @@ export class FlattenedEncrypt {
    *
    * @param sharedUnprotectedHeader JWE Shared Unprotected Header.
    */
-  setSharedUnprotectedHeader(sharedUnprotectedHeader: JWEHeaderParameters) {
+  setSharedUnprotectedHeader(sharedUnprotectedHeader: JWEHeaderParameters): this {
     if (this._sharedUnprotectedHeader) {
       throw new TypeError('setSharedUnprotectedHeader can only be called once')
     }
@@ -105,7 +105,7 @@ export class FlattenedEncrypt {
    *
    * @param unprotectedHeader JWE Per-Recipient Unprotected Header.
    */
-  setUnprotectedHeader(unprotectedHeader: JWEHeaderParameters) {
+  setUnprotectedHeader(unprotectedHeader: JWEHeaderParameters): this {
     if (this._unprotectedHeader) {
       throw new TypeError('setUnprotectedHeader can only be called once')
     }
@@ -118,7 +118,7 @@ export class FlattenedEncrypt {
    *
    * @param aad Additional Authenticated Data.
    */
-  setAdditionalAuthenticatedData(aad: Uint8Array) {
+  setAdditionalAuthenticatedData(aad: Uint8Array): this {
     this._aad = aad
     return this
   }
@@ -132,7 +132,7 @@ export class FlattenedEncrypt {
    *
    * @param cek JWE Content Encryption Key.
    */
-  setContentEncryptionKey(cek: Uint8Array) {
+  setContentEncryptionKey(cek: Uint8Array): this {
     if (this._cek) {
       throw new TypeError('setContentEncryptionKey can only be called once')
     }
@@ -149,7 +149,7 @@ export class FlattenedEncrypt {
    *
    * @param iv JWE Initialization Vector.
    */
-  setInitializationVector(iv: Uint8Array) {
+  setInitializationVector(iv: Uint8Array): this {
     if (this._iv) {
       throw new TypeError('setInitializationVector can only be called once')
     }

src/jwe/general/encrypt.ts

@@ -138,7 +138,7 @@ export class GeneralEncrypt {
    *
    * @param aad Additional Authenticated Data.
    */
-  setAdditionalAuthenticatedData(aad: Uint8Array) {
+  setAdditionalAuthenticatedData(aad: Uint8Array): this {
     this._aad = aad
     return this
   }

src/jwks/local.ts

@@ -250,7 +250,9 @@ async function importWithAlgCache<KeyLikeType extends KeyLike = KeyLike>(
  *
  * @param jwks JSON Web Key Set formatted object.
  */
-export function createLocalJWKSet<KeyLikeType extends KeyLike = KeyLike>(jwks: JSONWebKeySet) {
+export function createLocalJWKSet<KeyLikeType extends KeyLike = KeyLike>(
+  jwks: JSONWebKeySet,
+): (protectedHeader?: JWSHeaderParameters, token?: FlattenedJWSInput) => Promise<KeyLikeType> {
   const set = new LocalJWKSet<KeyLikeType>(jwks)
 
   const localJWKSet = async (

src/jws/compact/sign.ts

@@ -29,7 +29,7 @@ export class CompactSign {
    *
    * @param protectedHeader JWS Protected Header.
    */
-  setProtectedHeader(protectedHeader: CompactJWSHeaderParameters) {
+  setProtectedHeader(protectedHeader: CompactJWSHeaderParameters): this {
     this._flattened.setProtectedHeader(protectedHeader)
     return this
   }

src/jws/flattened/sign.ts

@@ -43,7 +43,7 @@ export class FlattenedSign {
    *
    * @param protectedHeader JWS Protected Header.
    */
-  setProtectedHeader(protectedHeader: JWSHeaderParameters) {
+  setProtectedHeader(protectedHeader: JWSHeaderParameters): this {
     if (this._protectedHeader) {
       throw new TypeError('setProtectedHeader can only be called once')
     }
@@ -56,7 +56,7 @@ export class FlattenedSign {
    *
    * @param unprotectedHeader JWS Unprotected Header.
    */
-  setUnprotectedHeader(unprotectedHeader: JWSHeaderParameters) {
+  setUnprotectedHeader(unprotectedHeader: JWSHeaderParameters): this {
     if (this._unprotectedHeader) {
       throw new TypeError('setUnprotectedHeader can only be called once')
     }

src/jwt/encrypt.ts

@@ -47,7 +47,7 @@ export class EncryptJWT extends ProduceJWT {
    * @param protectedHeader JWE Protected Header. Must contain an "alg" (JWE Algorithm) and "enc"
    *   (JWE Encryption Algorithm) properties.
    */
-  setProtectedHeader(protectedHeader: CompactJWEHeaderParameters) {
+  setProtectedHeader(protectedHeader: CompactJWEHeaderParameters): this {
     if (this._protectedHeader) {
       throw new TypeError('setProtectedHeader can only be called once')
     }
@@ -63,7 +63,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @param parameters JWE Key Management parameters.
    */
-  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters) {
+  setKeyManagementParameters(parameters: JWEKeyManagementHeaderParameters): this {
     if (this._keyManagementParameters) {
       throw new TypeError('setKeyManagementParameters can only be called once')
     }
@@ -80,7 +80,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @param cek JWE Content Encryption Key.
    */
-  setContentEncryptionKey(cek: Uint8Array) {
+  setContentEncryptionKey(cek: Uint8Array): this {
     if (this._cek) {
       throw new TypeError('setContentEncryptionKey can only be called once')
     }
@@ -97,7 +97,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @param iv JWE Initialization Vector.
    */
-  setInitializationVector(iv: Uint8Array) {
+  setInitializationVector(iv: Uint8Array): this {
     if (this._iv) {
       throw new TypeError('setInitializationVector can only be called once')
     }
@@ -110,7 +110,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-5.3 RFC7519#section-5.3}
    */
-  replicateIssuerAsHeader() {
+  replicateIssuerAsHeader(): this {
     this._replicateIssuerAsHeader = true
     return this
   }
@@ -120,7 +120,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-5.3 RFC7519#section-5.3}
    */
-  replicateSubjectAsHeader() {
+  replicateSubjectAsHeader(): this {
     this._replicateSubjectAsHeader = true
     return this
   }
@@ -130,7 +130,7 @@ export class EncryptJWT extends ProduceJWT {
    *
    * @see {@link https://www.rfc-editor.org/rfc/rfc7519#section-5.3 RFC7519#section-5.3}
    */
-  replicateAudienceAsHeader() {
+  replicateAudienceAsHeader(): this {
     this._replicateAudienceAsHeader = true
     return this
   }

src/jwt/produce.ts

@@ -28,7 +28,7 @@ export class ProduceJWT {
    *
    * @param issuer "Issuer" Claim value to set on the JWT Claims Set.
    */
-  setIssuer(issuer: string) {
+  setIssuer(issuer: string): this {
     this._payload = { ...this._payload, iss: issuer }
     return this
   }
@@ -38,7 +38,7 @@ export class ProduceJWT {
    *
    * @param subject "sub" (Subject) Claim value to set on the JWT Claims Set.
    */
-  setSubject(subject: string) {
+  setSubject(subject: string): this {
     this._payload = { ...this._payload, sub: subject }
     return this
   }
@@ -48,7 +48,7 @@ export class ProduceJWT {
    *
    * @param audience "aud" (Audience) Claim value to set on the JWT Claims Set.
    */
-  setAudience(audience: string | string[]) {
+  setAudience(audience: string | string[]): this {
     this._payload = { ...this._payload, aud: audience }
     return this
   }
@@ -58,7 +58,7 @@ export class ProduceJWT {
    *
    * @param jwtId "jti" (JWT ID) Claim value to set on the JWT Claims Set.
    */
-  setJti(jwtId: string) {
+  setJti(jwtId: string): this {
     this._payload = { ...this._payload, jti: jwtId }
     return this
   }
@@ -86,7 +86,7 @@ export class ProduceJWT {
    *
    * @param input "nbf" (Not Before) Claim value to set on the JWT Claims Set.
    */
-  setNotBefore(input: number | string | Date) {
+  setNotBefore(input: number | string | Date): this {
     if (typeof input === 'number') {
       this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) }
     } else if (input instanceof Date) {
@@ -120,7 +120,7 @@ export class ProduceJWT {
    *
    * @param input "exp" (Expiration Time) Claim value to set on the JWT Claims Set.
    */
-  setExpirationTime(input: number | string | Date) {
+  setExpirationTime(input: number | string | Date): this {
     if (typeof input === 'number') {
       this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) }
     } else if (input instanceof Date) {
@@ -155,7 +155,7 @@ export class ProduceJWT {
    *
    * @param input "iat" (Expiration Time) Claim value to set on the JWT Claims Set.
    */
-  setIssuedAt(input?: number | string | Date) {
+  setIssuedAt(input?: number | string | Date): this {
     if (typeof input === 'undefined') {
       this._payload = { ...this._payload, iat: epoch(new Date()) }
     } else if (input instanceof Date) {

src/jwt/sign.ts

@@ -113,7 +113,7 @@ export class SignJWT extends ProduceJWT {
    *
    * @param protectedHeader JWS Protected Header. Must contain an "alg" (JWS Algorithm) property.
    */
-  setProtectedHeader(protectedHeader: JWTHeaderParameters) {
+  setProtectedHeader(protectedHeader: JWTHeaderParameters): this {
     this._protectedHeader = protectedHeader
     return this
   }

src/util/decode_protected_header.ts

@@ -17,7 +17,7 @@ export type ProtectedHeaderParameters = JWSHeaderParameters & JWEHeaderParameter
  *
  * @param token JWE/JWS/JWT token in any JOSE serialization.
  */
-export function decodeProtectedHeader(token: string | object) {
+export function decodeProtectedHeader(token: string | object): ProtectedHeaderParameters {
   let protectedB64u!: unknown
 
   if (typeof token === 'string') {