Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jwt.verify is not async based on callback #984

Open
jazelly opened this issue Jan 18, 2025 · 1 comment
Open

jwt.verify is not async based on callback #984

jazelly opened this issue Jan 18, 2025 · 1 comment

Comments

@jazelly
Copy link

jazelly commented Jan 18, 2025
edited
Loading

Description

jwt.verify(token, secretOrPublicKey, [options, callback])
(Asynchronous) If a callback is supplied, function acts asynchronously. The callback is called with the decoded payload if the signature is valid and optional expiration, audience, or issuer are valid. If not, it will be called with the error.
(Synchronous) If a callback is not supplied, function acts synchronously. Returns the payload decoded if the signature is valid and optional expiration, audience, or issuer are valid. If not, it will throw the error.

Based on the doc, if a callback is supplied, function acts asynchronously. However, it is still a sync operation, considering the following example

jwt.verify(
  'token',
  'secret',
  () => {
    console.log(1);
  }
)
console.log(0);
// 1
// 0

I would expect it's 1 after 0 if it does async operation.

By looking at the implementation, looks like whether or not jwt.verify does async operation is purely based on the behaviour in secretOrPublicKey when it's provided as a function.

node-jsonwebtoken/verify.js

Line 101 in bc28861

return getSecret(header, function(err, secretOrPublicKey) {

@clarin-ebtio800090
Copy link

Hello, we tried to solve the issue.

This is what we did:

Modified the verify function to always behave asynchronously when a callback is provided. This is done by wrapping the main logic in a setImmediate call, ensuring that the callback is always called in the next event loop iteration.

You can review changes in this commit: clarin-ebtio800090@8203d35.

Caution

Disclaimer: The concept of solution was created by AI and you should never copy paste this code before you check the correctness of generated code. Solution might not be complete, you should use this code as an inspiration only.

Latta AI seeks to solve problems in open source projects as part of its mission to support developers around the world. Learn more about our mission at https://latta.ai/ourmission . If you no longer want Latta AI to attempt solving issues on your repository, you can block this account.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jazelly @clarin-ebtio800090