Skip to content

Commit

Permalink
Fix handling non string tokens (#305)
Browse files Browse the repository at this point in the history
  • Loading branch information
Ricardo Gama authored and ziluvatar committed Feb 3, 2017
1 parent 35d8415 commit 1b6ec8d
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 0 deletions.
41 changes: 41 additions & 0 deletions test/issue_304.tests.js
Original file line number Diff line number Diff line change
@@ -0,0 1,41 @@
var jwt = require('../index');
var expect = require('chai').expect;

describe('issue 304 - verifying values other than strings', function() {

it('should fail with numbers', function (done) {
jwt.verify(123, 'foo', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});

it('should fail with objects', function (done) {
jwt.verify({ foo: 'bar' }, 'biz', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});

it('should fail with arrays', function (done) {
jwt.verify(['foo'], 'bar', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});

it('should fail with functions', function (done) {
jwt.verify(function() {}, 'foo', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});

it('should fail with booleans', function (done) {
jwt.verify(true, 'foo', function (err, decoded) {
expect(err.name).to.equal('JsonWebTokenError');
done();
});
});

});
4 changes: 4 additions & 0 deletions verify.js
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 38,10 @@ module.exports = function (jwtString, secretOrPublicKey, options, callback) {
return done(new JsonWebTokenError('jwt must be provided'));
}

if (typeof jwtString !== 'string') {
return done(new JsonWebTokenError('jwt must be a string'));
}

var parts = jwtString.split('.');

if (parts.length !== 3){
Expand Down

0 comments on commit 1b6ec8d

Please sign in to comment.