
@jinxxxxxi

Description

This PR addresses an issue in the node-jws library where decoding JSON Web Tokens (JWTs) containing large integers would result in a loss of precision. This issue occurs because JavaScript’s Number type cannot safely represent integers beyond Number.MAX_SAFE_INTEGER, causing the loss of accuracy.

Background:

The node service depends on tokens issued by upstream services (such as Go/Java services). Many of these tokens contain IDs stored as long integers. Since JavaScript cannot accurately handle such large values (e.g., larger than Number.MAX_SAFE_INTEGER), precision is lost when decoding these tokens. This problem leads to inaccurate processing of IDs in downstream logic.

Key Changes:

  1. I’ve refactored the safe parsing logic into a new safe-parse.js file to separate concerns and improve maintainability.
  2. Added a new utility function, safeJsonParseWithBigInt, to specifically handle large numbers by converting them into strings during the parsing process, preventing any loss of precision.
  3. Created unit tests in safeJsonParseWithBigInt.test.js to validate the behavior of the new utility function and ensure that large numbers are correctly handled.

This change ensures that large integers are decoded accurately as strings without loss of precision, which avoids breaking the existing behavior for non-large integers.

Reproduction Steps

To reproduce the issue and verify the fix, you can use the following payload:

'{"userId":13123213123163776887779878}'
  • When decoding this JWT with the previous logic, precision would be lost for the userId value.
  • After applying this PR, the userId will be decoded correctly as a string, preserving its full value.

References

  • No related posts or forum threads, as this is a code-level issue fix.

Testing

  • To test this fix, reviewers can:

    • Use JWTs with large integers, such as the userId value above, and ensure the number is correctly parsed as a string, without losing precision.
    • Review the new unit tests in safeJsonParseWithBigInt.test.js to confirm that the functionality works as expected.

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not the default branch
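The approach the PR describes (quoting integer literals that exceed Number.MAX_SAFE_INTEGER before JSON.parse sees them, so they arrive as strings), shown as an added example that is not the PR's safe-parse.js or its safeJsonParseWithBigInt; the function names, the string-aware scan and the sample payload fields beyond userId are assumptions made here. Only plain integer literals are quoted; fractions and exponent forms are left as numbers.

```javascript
'use strict';

// Plain integers beyond this bound are not exactly representable as a Number.
const MAX_SAFE = BigInt(Number.MAX_SAFE_INTEGER);
// Sticky regex: matches a JSON number literal starting exactly at lastIndex.
const NUMBER = /-?\d+(\.\d+)?([eE][+-]?\d+)?/y;

// Rewrite the JSON text so that every plain integer literal outside a string
// that cannot be held exactly in a Number is wrapped in double quotes.
function quoteUnsafeIntegers(text) {
  let out = '';
  let inString = false;
  let i = 0;
  while (i < text.length) {
    const ch = text[i];
    if (inString) {
      // Copy escape pairs verbatim so an escaped quote does not end the string.
      if (ch === '\\') { out += text.slice(i, i + 2); i += 2; continue; }
      if (ch === '"') inString = false;
      out += ch; i += 1; continue;
    }
    if (ch === '"') { inString = true; out += ch; i += 1; continue; }
    NUMBER.lastIndex = i;
    const m = NUMBER.exec(text);
    if (m === null) { out += ch; i += 1; continue; }
    const [token, fraction, exponent] = m;
    if (fraction === undefined && exponent === undefined) {
      const value = BigInt(token);          // exact, unlike Number(token)
      const unsafe = value > MAX_SAFE || value < -MAX_SAFE;
      out += unsafe ? `"${token}"` : token;
    } else {
      out += token;                         // fractions/exponents left as-is
    }
    i += token.length;
  }
  return out;
}

// Hypothetical helper (not the PR's function): parse JSON, returning unsafe
// integers as decimal strings and leaving every other value unchanged.
function parseJsonPreservingBigInts(text) {
  return JSON.parse(quoteUnsafeIntegers(text));
}

// Constructed sample: the PR's userId payload plus a safe id, a string that
// happens to contain digits, a float and a negative unsafe integer.
const sample = '{"userId":13123213123163776887779878,"n":42,'
  + '"s":"id 99999999999999999999","f":1.5e3,"neg":-9007199254740993}';
console.log(JSON.parse(sample).userId);                 // lossy Number
console.log(parseJsonPreservingBigInts(sample).userId); // exact string
```

Because authorization and lookups downstream key on these IDs, a lossy Number silently maps the token to a different subject; comparing the decoded value against the original token text is a quick check for that regression.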
