Pass token header to secret fetching function

Depending of function arity pass decoded header of the token.
This is to allow backward compatibilty.
This commit is contained in:
Sebastian Kalinowski 2019-06-16 19:16:32 +02:00
parent 5720a50798
commit e7c826735c

View File

@ -243,13 +243,18 @@ function getSecret (request, secret, token, callback) {
return callback({ code: 'invalid_token', message: 'jwt signature is required' }); return callback({ code: 'invalid_token', message: 'jwt signature is required' });
} }
let decodedToken = jwt.decode(token); let decodedToken = jwt.decode(token, { complete: true });
if (!decodedToken) { if (!decodedToken) {
return callback({ code: 'invalid_token', message: 'jwt malformed' }); return callback({ code: 'invalid_token', message: 'jwt malformed' });
} }
secret(request, decodedToken, callback); const arity = secret.length;
if (arity == 4) {
secret(request, decodedToken.header, decodedToken.payload, callback);
} else { // arity == 3
secret(request, decodedToken.payload, callback);
}
} else { } else {
callback(null, secret); callback(null, secret);
} }