jsonwebtoken
Advanced tools
Comparing version 0.4.0 to 0.4.1
@@ -37,2 +37,9 @@ var jws = require('jws'); | ||
var parts = jwtString.split('.'); | ||
if (parts.length < 3) | ||
return callback(new Error('jwt malformed')); | ||
if (parts[2].trim() === '' && secretOrPublicKey) | ||
return callback(new Error('jwt signature is required')); | ||
var valid; | ||
@@ -39,0 +46,0 @@ try { |
{ | ||
"name": "jsonwebtoken", | ||
"version": "0.4.0", | ||
"version": "0.4.1", | ||
"description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -96,2 +96,15 @@ # jsonwebtoken [![Build Status](https://secure.travis-ci.org/auth0/node-jsonwebtoken.png)](http://travis-ci.org/auth0/node-jsonwebtoken) | ||
### jwt.decode(token) | ||
(Synchronous) Returns the decoded payload without verifying if the signature is valid. | ||
`token` is the JsonWebToken string | ||
Example | ||
```js | ||
// get the decoded payload ignoring signature, no secretOrPrivateKey needed | ||
var decoded = jwt.decode(token); | ||
``` | ||
## Algorithms supported | ||
@@ -98,0 +111,0 @@ |
@@ -34,3 +34,13 @@ var jwt = require('../index'); | ||
it('should throw with secret and token not signed', function(done) { | ||
var signed = jwt.sign({ foo: 'bar' }, secret, { algorithm: 'none' }); | ||
var unsigned = signed.split('.')[0] + '.' + signed.split('.')[1] + '.'; | ||
jwt.verify(unsigned, 'secret', function(err, decoded) { | ||
assert.isUndefined(decoded); | ||
assert.isNotNull(err); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
}); |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
16909
198
136