express-jwt
Advanced tools
Comparing version 3.0.0 to 3.0.1
@@ -85,10 +85,15 @@ var jwt = require('jsonwebtoken'); | ||
var payload = jwt.decode(token); | ||
var dtoken = jwt.decode(token, { complete: true }) || {}; | ||
async.parallel([ | ||
function(callback){ | ||
secretCallback(req, payload, callback); | ||
var arity = secretCallback.length; | ||
if (arity == 4) { | ||
secretCallback(req, dtoken.header, dtoken.payload, callback); | ||
} else { // arity == 3 | ||
secretCallback(req, dtoken.payload, callback); | ||
} | ||
}, | ||
function(callback){ | ||
isRevokedCallback(req, payload, callback); | ||
isRevokedCallback(req, dtoken.payload, callback); | ||
} | ||
@@ -95,0 +100,0 @@ ], function(err, results){ |
{ | ||
"name": "express-jwt", | ||
"version": "3.0.0", | ||
"version": "3.0.1", | ||
"description": "JWT authentication middleware.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -246,2 +246,18 @@ var jwt = require('jsonwebtoken'); | ||
}); | ||
it('should work with a secretCallback function that accepts header argument', function() { | ||
var secret = 'shhhhhh'; | ||
var secretCallback = function(req, headers, payload, cb) { | ||
assert.equal(headers.alg, 'HS256'); | ||
assert.equal(payload.foo, 'bar'); | ||
process.nextTick(function(){ return cb(null, secret) }); | ||
} | ||
var token = jwt.sign({foo: 'bar'}, secret); | ||
req.headers = {}; | ||
req.headers.authorization = 'Bearer ' + token; | ||
expressjwt({secret: secretCallback})(req, res, function() { | ||
assert.equal('bar', req.user.foo); | ||
}); | ||
}); | ||
}); |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
25134
456
1