-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
Expand file tree
/
Copy pathisJWT.js
More file actions
37 lines (30 loc) · 1.04 KB
/
isJWT.js
File metadata and controls
37 lines (30 loc) · 1.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import assertString from './util/assertString';
import isBase64 from './isBase64';
function tryDecodeJSON(segment) {
if (!isBase64(segment, { urlSafe: true })) return false;
try {
// Normalize base64url alphabet to base64, then restore stripped padding
let b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
while (b64.length % 4) b64 += '=';
const decoded = Buffer.from(b64, 'base64').toString('utf8');
const parsed = JSON.parse(decoded);
if (typeof parsed !== 'object') return false;
if (parsed === null) return false;
if (Array.isArray(parsed)) return false;
return true;
} catch (e) {
return false;
}
}
export default function isJWT(str) {
assertString(str);
const dotSplit = str.split('.');
if (dotSplit.length !== 3) return false;
const header = dotSplit[0];
const payload = dotSplit[1];
const signature = dotSplit[2];
if (!tryDecodeJSON(header)) return false;
if (!tryDecodeJSON(payload)) return false;
if (!isBase64(signature, { urlSafe: true })) return false;
return true;
}