From abbabc588e3ea8b906fa0a0dcc83c91a3b5b5ea8 Mon Sep 17 00:00:00 2001
From: divlo <contact@divlo.fr>
Date: Wed, 30 Dec 2020 14:50:56 +0100
Subject: [PATCH] feat: add algorithms option

---
 src/authorize.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/authorize.ts b/src/authorize.ts
index 810f6d7..c445eb7 100644
--- a/src/authorize.ts
+++ b/src/authorize.ts
@@ -1,4 +1,4 @@
-import jwt from 'jsonwebtoken'
+import jwt, { Algorithm } from 'jsonwebtoken'
 import { Socket } from 'socket.io'
 
 import { UnauthorizedError } from './UnauthorizedError'
@@ -14,10 +14,11 @@ type SocketIOMiddleware = (
 
 interface AuthorizeOptions {
   secret: string
+  algorithms?: Algorithm[]
 }
 
 export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
-  const { secret } = options
+  const { secret, algorithms = ['HS256'] } = options
   return (socket, next) => {
     let token: string | null = null
     const authorizationHeader = socket.request.headers.authorization
@@ -43,7 +44,7 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
     socket = Object.assign(socket, { encodedToken: token })
     let payload: any
     try {
-      payload = jwt.verify(token, secret)
+      payload = jwt.verify(token, secret, { algorithms })
     } catch {
       return next(
         new UnauthorizedError('invalid_token', {