Fix: jwt.decode doesn't throw, check null instead

glensc · glensc · commit ca382e9c1f01 · 2023-02-06T18:44:39.000+02:00
diff --git a/src/index.ts b/src/index.ts
@@ -160,12 +160,9 @@ export const expressjwt = (options: Params) => {
         }
       }
 
-      let decodedToken: jwt.Jwt;
-
-      try {
-        decodedToken = jwt.decode(token, { complete: true });
-      } catch (err) {
-        throw new UnauthorizedError('invalid_token', err);
+      const decodedToken = jwt.decode(token, { complete: true });
+      if (!decodedToken) {
+        throw new UnauthorizedError('invalid_token', { message: 'The token could not be decoded.' });
       }
 
       const key = await getVerificationKey(req, decodedToken);

Original file line number	Diff line number	Diff line change
`@@ -160,12 +160,9 @@ export const expressjwt = (options: Params) => {`
`160`	`160`	`}`
`161`	`161`	`}`
`162`	`162`
`163`		`- let decodedToken: jwt.Jwt;`
`164`		`-`
`165`		`- try {`
`166`		`- decodedToken = jwt.decode(token, { complete: true });`
`167`		`- } catch (err) {`
`168`		`- throw new UnauthorizedError('invalid_token', err);`
	`163`	`+ const decodedToken = jwt.decode(token, { complete: true });`
	`164`	`+ if (!decodedToken) {`
	`165`	`+ throw new UnauthorizedError('invalid_token', { message: 'The token could not be decoded.' });`
`169`	`166`	`}`
`170`	`167`
`171`	`168`	`const key = await getVerificationKey(req, decodedToken);`