fix: Security upgrade jsonwebtoken to 9.0.0 (#8431)

2023-02-17 05:52:48 +11:00
parent 30576f1091
commit 2c19c2e4d4
8 changed files with 333 additions and 330 deletions
--- a/src/Adapters/Auth/utils.js
+++ b/src/Adapters/Auth/utils.js
@@ -0,0 +1,13 @@
+const jwt = require('jsonwebtoken');
+const Parse = require('parse/node').Parse;
+const getHeaderFromToken = token => {
+  const decodedToken = jwt.decode(token, { complete: true });
+  if (!decodedToken) {
+    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `provided token does not decode as JWT`);
+  }
+
+  return decodedToken.header;
+};
+module.exports = {
+  getHeaderFromToken,
+};