Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
youtransfer.settings.get(function(err, settings) {
var security = settings.security || {};
var salt = security.encryptionKey || '';
var user = jwt.decode(token, salt);
// Check for JWT expiration
var expires = new Date(user.exp);
if(Date.compare(expires, new Date()) < 0) {
user = null;
}
done(null, user);
});
module.exports = function(req, res, next){
if(!req.headers.authorization){
return handleError();
}
var token = req.headers.authorization.split(' ')[1];
var payload = jwt.decode(token, config.TOKEN_SECRET);
if(!payload.sub){
return handleError();
}
req.userId = payload.sub;
next();
};
it('should allow construction of a capability token', function() {
var c = new twilio.TaskRouterCapability('AC123', 'foobar', 'WS456', 'WK789');
var token = c.generate();
var decoded = jwt.decode(token, 'foobar');
expect(decoded).toBeDefined();
expect(decoded['iss']).toBe('AC123');
expect(decoded['account_sid']).toBe('AC123');
expect(decoded['channel']).toBe('WK789');
expect(decoded['workspace_sid']).toBe('WS456');
expect(decoded['worker_sid']).toBe('WK789');
expect(decoded['version']).toBe('v1');
expect(decoded['exp']).toEqual(Math.floor(new Date() / 1000) + 3600);
});
function getProperty(propertyName, token) {
var payload;
try {
payload = jwt.decode(token, null, true);
}
catch(err) {
return false;
}
if (!payload[propertyName]) return false;
return payload[propertyName];
}
function getJwt(token, secret){
var jwtObject;
try{
jwtObject = jwt.decode(token, secret);
}
catch(e){
return new ApiAuthRequestError({userMessage: 'access_token is invalid',statusCode: 401});
}
return jwtObject;
}
function decode(token: string, noVerify = false) {
const decoded = jwt.decode(token, secret || '', !secret || noVerify);
if (secret && !noVerify && !isValidTimestamp(decoded)) {
throw new Error('invalid timestamp');
}
log('decode(token: %j, secret: %j) => %j', token, secret, decoded);
return decoded;
}
function decode( token, key, algorithm ) {
try {
return jwt.decode( token, key, false, algorithm );
}
catch( err ) {
throw new AuthenticationFailureError( err.message );
}
}
function decode( token, key, algorithm ) {
try {
return jwt.decode( token, key, false, algorithm );
}
catch( err ) {
throw new AuthenticationFailureError( err.message );
}
}