cognito-express - npm Package Compare versions

Comparing version 2.0.18 to 2.0.19

lib/strategy.js

@@ -51,38 +51,42 @@ "use strict";
             let decodedJwt = jwt.decode(token, { complete: true });
+            try {
+                if (!decodedJwt) throw new TypeError('Not a valid JWT token');
 
-            if (!decodedJwt) return callback(`Not a valid JWT token`, null);
+                if (decodedJwt.payload.iss !== this.iss)
+                    throw new TypeError('token is not from your User Pool');
 
-            if (decodedJwt.payload.iss !== this.iss)
-                return callback(`token is not from your User Pool`, null);
+                if (decodedJwt.payload.token_use !== this.tokenUse)
+                    throw new TypeError(`Not an ${this.tokenUse} token`);
 
-            if (decodedJwt.payload.token_use !== this.tokenUse)
-                return callback(`Not an ${this.tokenUse} token`, null);
+                let kid = decodedJwt.header.kid;
+                let pem = this.pems[kid];
 
-            let kid = decodedJwt.header.kid;
-            let pem = this.pems[kid];
+                if (!pem) throw new TypeError(`Invalid ${this.tokenUse} token`);
 
-            if (!pem) return callback(`Invalid ${this.tokenUse} token`, null);
+                let params = {
+                    token: token,
+                    pem: pem,
+                    iss: this.iss,
+                    maxAge: this.tokenExpiration
+                };
+                if (callback) {
+                    jwtVerify(params, callback);
+                } else {
+                    return new Promise((resolve, reject) => {
+                        jwtVerify(params, (err, result) => {
+                            if (err) {
+                                reject(err);
+                            } else {
+                                resolve(result);
+                            }
+                        });
+                    });
+                }
+            } catch(err) {
+                if(!callback) throw err;
 
-            let params = {
-                token: token,
-                pem: pem,
-                iss: this.iss,
-                maxAge: this.tokenExpiration
-            };
-
-            if (callback) {
-                jwtVerify(params, callback);
-            } else {
-                return new Promise((resolve, reject) => {
-                    jwtVerify(params, (err, result) => {
-                        if (err) {
-                            reject(err);
-                        } else {
-                            resolve(result);
-                        }
-                    });
-                });
+                callback(err.message, null);
             }
         });
-        
+
         if (!callback) {
@@ -89,0 +93,0 @@ return p;

package.json

 {
    "name": "cognito-express",
-   "version": "2.0.18",
+   "version": "2.0.19",
    "description": "cognito-express authenticates API requests on a Node-Express application by verifying the signature of AccessToken or IDToken generated by Amazon Cognito.",
@@ -5,0 +5,0 @@ "main": "./lib/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14066

increased by1.71%

Lines of code

129

increased by4.03%

No dependency changes