The json option is currently accepted by the jws.decode API, although it is not documented in repo. From its usage, it seems it intends to enable configuring how the payload should be parsed when the typ is not set to 'JWT' on the JWS header.
This change:
a) documents the option as part of the API
b) adds support for the option via the jws.createVerify API, which will pass through the option to jws.decode internally.
Testing
Added tests for when:
the typ is set to 'JWT'
the typ is missing
the typ is invalid
the typ is invalid, but json option is set to true, forcing parsing of payload as JSON
handle null value for json option as expected
[X] This change adds test coverage for new/changed/fixed functionality
Checklist
[X] I have added documentation for new/changed functionality in this PR or in auth0.com/docs
[X] All active GitHub checks for tests, formatting, and security are passing
[X] The correct base branch is being used, if not the default branch
Description
The
json
option is currently accepted by thejws.decode
API, although it is not documented in repo. From its usage, it seems it intends to enable configuring how the payload should be parsed when thetyp
is not set to 'JWT' on the JWS header.This change: a) documents the option as part of the API b) adds support for the option via the
jws.createVerify
API, which will pass through the option tojws.decode
internally.Testing
Added tests for when:
the
typ
is set to 'JWT'the
typ
is missingthe
typ
is invalidthe
typ
is invalid, butjson
option is set to true, forcing parsing of payload as JSONhandle null value for
json
option as expected[X] This change adds test coverage for new/changed/fixed functionality
Checklist