Pass token header to secret fetching function

Depending of function arity pass decoded header of the token.
This is to allow backward compatibilty.
This commit is contained in:
Sebastian Kalinowski 2019-06-16 19:16:32 +02:00
parent 5720a50798
commit e7c826735c

View File

@ -243,13 +243,18 @@ function getSecret (request, secret, token, callback) {
return callback({ code: 'invalid_token', message: 'jwt signature is required' });
}
let decodedToken = jwt.decode(token);
let decodedToken = jwt.decode(token, { complete: true });
if (!decodedToken) {
return callback({ code: 'invalid_token', message: 'jwt malformed' });
}
secret(request, decodedToken, callback);
const arity = secret.length;
if (arity == 4) {
secret(request, decodedToken.header, decodedToken.payload, callback);
} else { // arity == 3
secret(request, decodedToken.payload, callback);
}
} else {
callback(null, secret);
}