Merge pull request #289 from DerDackel/update-jsonwebtoken

chore(deps): Upgraded vulnerable jsonwebtoken version
taimos · Mar 13, 2023 · c051522 · c051522
2 parents 55d2053 + d997b68
commit c051522
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 56 deletions.
diff --git a/package.json b/package.json
diff --git a/src/http/auth.ts b/src/http/auth.ts
@@ -52,10 +52,10 @@ const promisedVerify = (token: string): Promise<{ [name: string]: string }> => {
   return new Promise((resolve, reject) => {
     verify(token, (header: JwtHeader, cb: SigningKeyCallback) => {
       if (!header.kid) {
-        cb('no key id found');
+        cb(new Error('no key id found'));
       }
       getPublicKeys().then((keys) => {
-        cb(undefined, keys[header.kid!].pem);
+        cb(null, keys[header.kid!].pem);
       }, cb);
     }, { issuer: cognitoIssuer }, (err, decoded) => {
       if (err) {

diff --git a/yarn.lock b/yarn.lock