auth0
diff --git a/‎package-lock.json
Lines changed: 138 additions & 40 deletions b/‎package-lock.json
Lines changed: 138 additions & 40 deletions
diff --git a/‎package.json
Lines changed: 2 additions & 4 deletions b/‎package.json
Lines changed: 2 additions & 4 deletions
diff --git a/‎src/index.ts
Lines changed: 2 additions & 2 deletions b/‎src/index.ts
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/util/set.ts
Lines changed: 26 additions & 0 deletions b/‎src/util/set.ts
Lines changed: 26 additions & 0 deletions
diff --git a/‎test/jwt.test.ts
Lines changed: 9 additions & 8 deletions b/‎test/jwt.test.ts
Lines changed: 9 additions & 8 deletions
@@ -35,12 +35,10 @@
   "dependencies": {
     "@types/jsonwebtoken": "^9",
     "express-unless": "^2.1.3",
-    "jsonwebtoken": "^9.0.0",
-    "lodash.set": "^4.3.2"
+    "jsonwebtoken": "^9.0.0"
   },
   "devDependencies": {
-    "@types/lodash": "^4.14.191",
-    "@types/lodash.set": "^4.3.7",
+    "@types/express": "^4.17.16",
     "@types/mocha": "^9.1.0",
     "@typescript-eslint/eslint-plugin": "^5.15.0",
     "@typescript-eslint/parser": "^5.15.0",
 
@@ -1,7 +1,7 @@
-import jwt from 'jsonwebtoken';
+import * as jwt from 'jsonwebtoken';
 import * as express from 'express';
 import { unless } from 'express-unless';
-import set from 'lodash.set';
+import { set } from './util/set';
 
 import { UnauthorizedError } from './errors/UnauthorizedError';
 
 
@@ -0,0 +1,26 @@
+// from https://stackoverflow.com/a/54733755
+export function set<T>(obj: T, path: string | string[], value: unknown): T {
+  if (typeof obj !== 'object') {
+    return obj;
+  }
+
+  if (typeof path === 'string') {
+    path = path.toString().match(/[^.[\]]+/g) || [];
+  }
+
+  path.slice(0, -1).reduce((a, c, i) => // Iterate all of them except the last one
+  {
+    return Object(a[c]) === a[c] // Does the key exist and is its value an object?
+
+      // Yes: then follow that path
+      ? a[c]
+      // No: create the key. Is the next key a potential array-index?
+      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+      // @ts-ignore
+      : a[c] = Math.abs(path[i + 1]) >> 0 === +path[i + 1]
+        ? [] // Yes: assign a new array object
+        : {};
+  }, // No: assign a new plain object
+    obj)[path[path.length - 1]] = value; // Finally assign the value to the last key
+  return obj; // Return the top-level object to allow chaining
+}
@@ -2,7 +2,7 @@
 import * as jwt from 'jsonwebtoken';
 import * as express from 'express';
 import { expressjwt, UnauthorizedError, Request, GetVerificationKey } from '../src';
-import assert from 'assert';
+import * as assert from 'assert';
 
 
 describe('failure tests', function () {
@@ -171,6 +171,7 @@ describe('failure tests', function () {
       onExpired: () => { },
     })(req, res, function (err) {
       assert.ok(!err);
+      //@ts-ignore
       assert.equal(req.auth.foo, 'bar');
       done();
     });
@@ -284,7 +285,7 @@ describe('work tests', function () {
     req.headers = {};
     req.headers.authorization = 'Bearer ' + token;
     expressjwt({ secret: secret, algorithms: ['HS256'] })(req, res, function () {
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });
@@ -299,7 +300,7 @@ describe('work tests', function () {
     req.headers = {};
     req.headers.authorization = 'Bearer ' + token;
     expressjwt({ secret: secret, algorithms: ['HS256'], requestProperty })(req, res, function () {
-      assert.equal(req.auth.payload.foo, 'bar');
+      assert.equal(req.auth?.payload.foo, 'bar');
       done();
     });
   });
@@ -313,7 +314,7 @@ describe('work tests', function () {
     req.headers = {};
     req.headers.authorization = 'Bearer ' + token;
     expressjwt({ secret: secret, algorithms: ['HS256'] })(req, res, function () {
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });
@@ -328,7 +329,7 @@ describe('work tests', function () {
     req.headers.Authorization = 'Bearer ' + token;
     expressjwt({ secret: secret, algorithms: ['HS256'] })(req, res, function (err) {
       if (err) { return done(err); }
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });
@@ -382,7 +383,7 @@ describe('work tests', function () {
       algorithms: ['HS256'],
       getToken: getTokenFromQuery
     })(req, res, function () {
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });
@@ -406,7 +407,7 @@ describe('work tests', function () {
       algorithms: ['HS256'],
       getToken: getTokenFromQuery
     })(req, res, function () {
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });
@@ -428,7 +429,7 @@ describe('work tests', function () {
     req.headers = {};
     req.headers.authorization = 'Bearer ' + token;
     expressjwt({ secret: getSecret, algorithms: ['HS256'] })(req, res, function () {
-      assert.equal(req.auth.foo, 'bar');
+      assert.equal(req.auth?.foo, 'bar');
       done();
     });
   });