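/**
 * Verify the request's access token and its XSRF token.
 *
 * `this.access_token` is verified as a JWT against `this.jwt_secret` with the
 * issuer taken from `process.env.OA_API_TOKEN_ISSUER`. The token's
 * `xsrf_token` claim must then be a non-empty string equal to
 * `this.xsrf_token`.
 *
 * On failure the promise is rejected without a reason and
 * `this.handleAuthenticationError` is called with a short message.
 *
 * @returns {Promise<*>} Resolves with the `sub` claim of the access token.
 */
verifyAuthentication () {
  return new Promise((resolve, reject) => {
    // NOTE(review): if OA_API_TOKEN_ISSUER is unset, `issuer` is undefined and
    // jsonwebtoken performs no issuer check - confirm the variable is validated
    // at startup. No `algorithms` allow-list is passed either; consider pinning
    // it to the algorithm the issuer actually signs with.
    const verifyOptions = {issuer: process.env.OA_API_TOKEN_ISSUER};

    jwt.verify(this.access_token, this.jwt_secret, verifyOptions, (error, claims) => {
      if (error) {
        reject();
        this.handleAuthenticationError('invalid access token ' + error.name);
        return;
      }

      // Verify CSRF token. The claim must be present: a bare `!==` comparison
      // lets a token without an `xsrf_token` claim pass whenever the request
      // also carries no XSRF token, because undefined equals undefined.
      const claimedXsrf = claims.xsrf_token;
      const xsrfMatches =
        typeof claimedXsrf === 'string' &&
        claimedXsrf.length > 0 &&
        claimedXsrf === this.xsrf_token;
      if (!xsrfMatches) {
        reject();
        this.handleAuthenticationError('incorrect XSRF token');
        return;
      }

      resolve(claims.sub);
    });
  });
}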
// Verify the sign-in token and either hand over to the next handler or answer
// with a JSON failure body. The response status code is not set in this
// callback.
jwt.verify(token, Secret, verifyOptions, (err, decoded) => {
  if (!err) {
    // NOTE(review): `decoded` is not inspected here, so beyond what
    // `verifyOptions` enforces no claim is checked before `next()` runs.
    //fetch details from token and verify them
    next();
    return;
  }

  // Every failure other than expiry (bad signature included) is reported to
  // the client as TOKEN_ERROR.
  const failure = err.name === 'TokenExpiredError'
    ? { msg: "TOKEN_EXPIRED", error: "signin token expired" }
    : { msg: "TOKEN_ERROR", error: "unable to parse token" };

  return res.json({
    status: "Failure",
    msg: failure.msg,
    details: { "error": failure.error }
  });
});
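// Verify the access token, then the XSRF token (unless `skip_xsrf` is set),
// then look up the account named by the token's `sub` claim.
// Rejects with a message string; resolves with { account, refresh_token }.
//
// NOTE(review): if OA_API_TOKEN_ISSUER is unset, `issuer` is undefined and
// jsonwebtoken performs no issuer check - confirm the variable is validated at
// startup. No `algorithms` allow-list is passed either; consider pinning it to
// the algorithm the issuer actually signs with.
jwt.verify(access_token, jwt_secret, {issuer: process.env.OA_API_TOKEN_ISSUER}, (error, claims) => {
  // Access token is invalid.
  if (error) {
    reject('Invalid access token ' + error.name);
    return;
  }

  // CSRF token is missing or invalid. The claim must be present: a bare `!==`
  // comparison lets a token without an `xsrf_token` claim pass whenever the
  // caller also supplies no XSRF token, because undefined equals undefined.
  if (!skip_xsrf) {
    const claimedXsrf = claims.xsrf_token;
    const xsrfMatches =
      typeof claimedXsrf === 'string' &&
      claimedXsrf.length > 0 &&
      claimedXsrf === xsrf_token;
    if (!xsrfMatches) {
      reject('Invalid XSRF token');
      return;
    }
  }

  // Get the account for the account ID provided by the access token.
  const account = AccountsManager.getAccountById(claims.sub);
  if (!account) {
    reject('Account not found');
    return;
  }

  // NOTE(review): `refresh_token` is read from the access token's payload,
  // which is signed but not encrypted. If this is the refresh credential
  // itself rather than an identifier, anyone who obtains the access token
  // obtains it too - confirm.
  resolve({ account, refresh_token: claims.refresh_token });
});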
if (err.name === "TokenExpiredError") { return deferred.reject(SESSION_EXPIRED);