All files / src/integrations passport.js

90.91% Statements 20/22
80.95% Branches 17/21
100% Functions 5/5
90.48% Lines 19/21

Press n or j to go to the next uncovered block, b, p or k for the previous block.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 432x 2x 2x   2x   2x 2x                 2x 9x 1x     8x 8x   8x 7x     7x 2x     5x 5x 3x       2x        
import jwt from 'jsonwebtoken';
import { ArgumentError } from '../errors';
import { JwksClient } from '../JwksClient';
 
const handleSigningKeyError = (err, cb) => {
  // If we didn't find a match, can't provide a key.
  Eif (err && err.name === 'SigningKeyNotFoundError') {
    return cb(null);
  }
 
  // If an error occured like rate limiting or HTTP issue, we'll bubble up the error.
  if (err) {
    return cb(err);
  }
};
 
module.exports.passportJwtSecret = (options) => {
  if (options === null || options === undefined) {
    throw new ArgumentError('An options object must be provided when initializing passportJwtSecret');
  }
 
  const client = new JwksClient(options);
  const onError = options.handleSigningKeyError || handleSigningKeyError;
 
  return function secretProvider(req, rawJwtToken, cb) {
    const decoded = jwt.decode(rawJwtToken, { complete: true })
 
    // Only RS256 is supported.
    if (!decoded || !decoded.header || decoded.header.alg !== 'RS256') {
      return cb(null, null);
    }
 
    client.getSigningKey(decoded.header.kid, (err, key) => {
      if (err) {
        return onError(err, (newError) => cb(newError, null));
      }
 
      // Provide the key.
      return cb(null, key.publicKey || key.rsaPublicKey);
    });
  };
};