fix: Security upgrade jsonwebtoken to 9.0.0 (#8420)

2023-02-07 22:45:30 +11:00
parent 4450ecbc01
commit f5bfe4571e
8 changed files with 114 additions and 98 deletions
--- a/src/Adapters/Auth/utils.js
+++ b/src/Adapters/Auth/utils.js
@@ -0,0 +1,13 @@
+const jwt = require('jsonwebtoken');
+const Parse = require('parse/node').Parse;
+const getHeaderFromToken = token => {
+  const decodedToken = jwt.decode(token, { complete: true });
+  if (!decodedToken) {
+    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `provided token does not decode as JWT`);
+  }
+
+  return decodedToken.header;
+};
+module.exports = {
+  getHeaderFromToken,
+};