jsonwebtoken
Advanced tools
Comparing version 6.0.1 to 6.1.0
10
index.js
@@ -74,10 +74,16 @@ var jws = require('jws'); | ||
if (parts[2].trim() === '' && secretOrPublicKey){ | ||
var hasSignature = parts[2].trim() !== ''; | ||
if (!hasSignature && secretOrPublicKey){ | ||
return done(new JsonWebTokenError('jwt signature is required')); | ||
} | ||
if (!secretOrPublicKey) { | ||
if (hasSignature && !secretOrPublicKey) { | ||
return done(new JsonWebTokenError('secret or public key must be provided')); | ||
} | ||
if (!hasSignature && !options.algorithms) { | ||
options.algorithms = ['none']; | ||
} | ||
if (!options.algorithms) { | ||
@@ -84,0 +90,0 @@ options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') || |
{ | ||
"name": "jsonwebtoken", | ||
"version": "6.0.1", | ||
"version": "6.1.0", | ||
"description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -31,2 +31,20 @@ var jwt = require('../index'); | ||
it('should be able to validate unsigned token', function (done) { | ||
var header = { alg: 'none' }; | ||
var payload = { iat: Math.floor(Date.now() / 1000 ) }; | ||
var signed = jws.sign({ | ||
header: header, | ||
payload: payload, | ||
secret: priv, | ||
encoding: 'utf8' | ||
}); | ||
jwt.verify(signed, null, {typ: 'JWT'}, function(err, p) { | ||
assert.isNull(err); | ||
assert.deepEqual(p, payload); | ||
done(); | ||
}); | ||
}); | ||
describe('expiration', function () { | ||
@@ -33,0 +51,0 @@ // { foo: 'bar', iat: 1437018582, exp: 1437018583 } |
79520
1133