Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(lib/extract_jwt): correctly parse comma terminated token #231

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

jrc2139
Copy link

@jrc2139 jrc2139 commented Mar 28, 2022

My stack is NestJs, Auth0, Passport, and GraphQL. I noticed that the parsed jwt token from the Authorization Header being passed from lib/verify_jwt.js#L4 was including a trailing comma like:

auth_params: {
    scheme: 'Bearer',
    value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c,
  }

This fix just checks if the token terminates with a comma and returns it without the comma.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

@b-o-993
Copy link

b-o-993 commented Apr 7, 2022

looks good 👏

@Outternet
Copy link

Outternet commented Sep 9, 2022

This can be easily solved with a custom extractor, see an example of this case in the documentation of my pull request and furthermore this is not standard behaviour of nestjs, so I don't know why this happens to you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants