handle error on invalid tokens. Closes #134
jfromaniello committed Oct 4, 2016
1 parent 1dc2736 commit 4617101
Showing 2 changed files with 16 additions and 1 deletion.
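--- a/lib/index.js
+++ b/lib/index.js
@@ -75,7 +75,13 @@ module.exports = function(options) {
 }
 }
 
-var dtoken = jwt.decode(token, { complete: true }) || {};
+var dtoken;
+
+try {
+dtoken = jwt.decode(token, { complete: true }) || {};
+} catch (err) {
+return next(new UnauthorizedError('invalid_token', err));
+}
 
 async.waterfall([
 function getSecret(callback){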
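Review bot: The `dtoken` assigned inside the new `try` comes from `jwt.decode`, which parses the token without checking its signature, and nothing in the hunk tells a maintainer of the `getSecret` step below that this value is still untrusted. A comment above the `try` such as `// dtoken is decoded but NOT verified; header and payload are caller-supplied until jwt.verify succeeds` would make that trust boundary explicit. The `|| {}` fallback also lets a token that decodes to a falsy value continue into the waterfall as an empty object instead of failing here with `invalid_token`; if nothing further down depends on that, rejecting it at the same point would keep the failure path uniform. The enclosing function starts and ends outside the hunk, so how `dtoken` is consumed cannot be confirmed from here.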
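--- a/test/jwt.test.js
+++ b/test/jwt.test.js
@@ -69,6 +69,15 @@ describe('failure tests', function () {
 });
 });
 
+it('should throw if jwt is an invalid json', function() {
+req.headers = {};
+req.headers.authorization = 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.yJ1c2VybmFtZSI6InNhZ3VpYXIiLCJpYXQiOjE0NzEwMTg2MzUsImV4cCI6MTQ3MzYxMDYzNX0.foo';
+expressjwt({secret: 'shhhh'})(req, res, function(err) {
+assert.ok(err);
+assert.equal(err.code, 'invalid_token');
+});
+});
+
 it('should throw if authorization header is not valid jwt', function() {
 var secret = 'shhhhhh';
 var token = jwt.sign({foo: 'bar'}, secret);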
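Review bot: The new `it('should throw if jwt is an invalid json', ...)` case has no completion signal, so if the middleware ever stops calling `next` for this token the two assertions never run and the test still passes. Taking `done` in the test function and calling it after the last assertion, i.e. `it('should throw if jwt is an invalid json', function(done) {` with `done();` after `assert.equal(err.code, 'invalid_token');`, turns a missing callback into a timeout failure. The title says "throw" while the assertions check an error handed to `next`; a title like `should return invalid_token if the jwt payload is not valid JSON` would match what is tested.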
