Skip to content

Expose and document existing 'json' option in jws.decode and jws.createVerify APIs #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
loucadufault wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Expose and document existing 'json' option in jws.decode and jws.createVerify APIs #105

loucadufault wants to merge 1 commit into from

Conversation

@loucadufault
Copy link

@loucadufault loucadufault commented Jan 30, 2023

Description

The json option is currently accepted by the jws.decode API, although it is not documented in repo. From its usage, it seems it intends to enable configuring how the payload should be parsed when the typ is not set to 'JWT' on the JWS header.

This change:
a) documents the option as part of the API
b) adds support for the option via the jws.createVerify API, which will pass through the option to jws.decode internally.

Testing

Added tests for when:

  • the typ is set to 'JWT'

  • the typ is missing

  • the typ is invalid

  • the typ is invalid, but json option is set to true, forcing parsing of payload as JSON

  • handle null value for json option as expected

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not the default branch

loucadufault
loucadufault commented Jan 30, 2023
View reviewed changes
lib/verify-stream.js
try {
var valid = jwsVerify(this.signature.buffer, this.algorithm, this.key.buffer);
var obj = jwsDecode(this.signature.buffer, this.encoding);
var obj = jwsDecode(this.signature.buffer, {json: this.json, encoding: this.encoding});
Copy link
Author

@loucadufault loucadufault Jan 30, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note: encoding option was previously not being passed correctly here, which is fine since it was ignored, see #86 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@loucadufault