Fix handling of array aud values

GaryGSC · GaryGSC · commit b9fe3171be9e · 2021-11-18T10:04:13.000-07:00
diff --git a/lib/index.js b/lib/index.js
@@ -191,8 +191,11 @@ async function authenticate (options, cache, headers) {
     const aud = verifiedJWTs.current.raw.aud
     if (aud) {
       // aud can be a string or an array: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3
-      if (typeof aud === 'string' && !aud.startsWith(options.basePath)) throw new AuthenticationError('Invalid aud in JWT')
-      if (!aud.some(audience => audience.startsWith(options.basePath))) throw new AuthenticationError('Invalid aud in JWT')
+      if (typeof aud === 'string') {
+        if (!aud.startsWith(options.basePath)) throw new AuthenticationError('Invalid aud in JWT')
+      } else {
+        if (!aud.some(audience => audience.startsWith(options.basePath))) throw new AuthenticationError('Invalid aud in JWT')
+      }
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -191,8 +191,11 @@ async function authenticate (options, cache, headers) {`
`191`	`191`	`const aud = verifiedJWTs.current.raw.aud`
`192`	`192`	`if (aud) {`
`193`	`193`	`// aud can be a string or an array: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3`
`194`		`- if (typeof aud === 'string' && !aud.startsWith(options.basePath)) throw new AuthenticationError('Invalid aud in JWT')`
`195`		`- if (!aud.some(audience => audience.startsWith(options.basePath))) throw new AuthenticationError('Invalid aud in JWT')`
	`194`	`+ if (typeof aud === 'string') {`
	`195`	`+ if (!aud.startsWith(options.basePath)) throw new AuthenticationError('Invalid aud in JWT')`
	`196`	`+ } else {`
	`197`	`+ if (!aud.some(audience => audience.startsWith(options.basePath))) throw new AuthenticationError('Invalid aud in JWT')`
	`198`	`+ }`
`196`	`199`	`}`
`197`	`200`	`}`
`198`	`201`