auth0 / node-jwa

JSON Web Algorithms
http://tools.ietf.org/id/draft-ietf-jose-json-web-algorithms-08.html
MIT License

Fix check on undefined value #41

Closed SuliacLEGUILLOU closed 4 years ago

SuliacLEGUILLOU commented 4 years ago

So I ran into this issue with the jsonwebtoken lib today

After playing a bit with the debugger, I ended up finding the check on undefined value.

There is a chance the real issue came from jsonwebtoken not populating the object and that my fix is scoped improperly, so feel free to dismiss it.

SuliacLEGUILLOU commented 4 years ago

PS: I don't like failing unit tests so I also took the chance to update a bit the version target in travis

omsmith commented 4 years ago

So to make sure I'm understanding, you're trying to pass an encrypted private key when verifying a signature?

SuliacLEGUILLOU commented 4 years ago

Yes

Code is private but I am writing something like:

const fs = require('fs')
const JWT = require('jsonwebtoken')
const file = 'secretFile.pem'

var secret = { key: fs.readFileSync(file), passphrase: '123456' }

var token = JWT.sign({ user: 'bob'}, secret)

JWT.verify(token, secret, (err) => {
  // err: TypeError: key must be a string or a buffer or a KeyObject
})

Algo is RS256 with node 12

omsmith commented 4 years ago

That's never been intended to work. Before KeyObject support was added it accepted either a string or a Buffer, expecting either one to represent a public key.

Sounds like DefinitelyTyped's definitions for jsonwebtoken are incorrect.

Since you're on node12, give this a go:

const { createPrivateKey, createPublicKey } = require('crypto');
const fs = require('fs')
const JWT = require('jsonwebtoken')
const file = 'secretFile.pem'

const privateKey = createPrivateKey({ key: fs.readFileSync(file), passphrase: '123456' });

var token = JWT.sign({ user: 'bob'}, privateKey, { algorithm: 'RS256' })

const publicKey = createPublicKey(privateKey);

JWT.verify(token, publicKey, { algorithms: ['RS256'] }, (err) => {
  // err is null here: the signature verifies against the derived public key
})
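
The approach in the comment above (sign with the decrypted private key, verify with the public key derived from it), as an added example that is not part of this thread or of the jsonwebtoken/jwa code: it uses only Node's built-in `crypto`, builds the RS256 token by hand, and generates a constructed encrypted key in place of `secretFile.pem`. The helper names are hypothetical, and the `base64url` Buffer encoding assumes a newer Node than the Node 12 mentioned in the thread.

```javascript
// Added example: RS256 with an encrypted private key, using only Node's crypto.
const { generateKeyPairSync, createPrivateKey, createPublicKey,
        createSign, createVerify } = require('crypto');

const PASSPHRASE = '123456'; // same sample passphrase as in the thread

// Constructed sample key: an encrypted PKCS#8 PEM standing in for secretFile.pem.
function makeEncryptedPem() {
  return generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem',
                          cipher: 'aes-256-cbc', passphrase: PASSPHRASE },
  }).privateKey;
}

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

// Signer side: the only place that needs the encrypted PEM and its passphrase.
function signRS256(payload, encryptedPem, passphrase) {
  const privateKey = createPrivateKey({ key: encryptedPem, passphrase });
  const signingInput = `${b64url({ alg: 'RS256', typ: 'JWT' })}.${b64url(payload)}`;
  const sig = createSign('RSA-SHA256').update(signingInput).sign(privateKey);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Export the public half once, so the verifier never handles the passphrase.
function exportPublicPem(encryptedPem, passphrase) {
  const privateKey = createPrivateKey({ key: encryptedPem, passphrase });
  return createPublicKey(privateKey).export({ type: 'spki', format: 'pem' });
}

// Verifier side: holds only the public key and accepts RS256 alone.
// Returns the decoded payload, or null if the token is malformed or invalid.
function verifyRS256(token, publicPem) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  try {
    if (JSON.parse(Buffer.from(h, 'base64url').toString()).alg !== 'RS256') return null;
    const ok = createVerify('RSA-SHA256').update(`${h}.${p}`)
      .verify(createPublicKey(publicPem), Buffer.from(s, 'base64url'));
    return ok ? JSON.parse(Buffer.from(p, 'base64url').toString()) : null;
  } catch { return null; }
}
```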

SuliacLEGUILLOU commented 4 years ago

Oh, I see

It worked fine, I guess I misread the documentation.

Thanks for your help!