expressJwtSecret can return undefined which is not reflected in GetVerificationKey type #328

AaronMoat · 2022-10-10T06:39:12Z

expressJwtSecret in the GetVerificationKey mode can return a Promise of undefined, e.g. here:

    if (!token) { return; }

but GetVerificationKey returns Secret | Promise<Secret> to which undefined or Promise are not assignable.

The typing for GetVerificationKey should include undefined.

This fails to compile:

const x: Awaited<ReturnType<GetVerificationKey>> = undefined;

The text was updated successfully, but these errors were encountered:

adamjmcgrath · 2022-10-10T12:16:13Z

Hi @AaronMoat - thanks for raising this

GetVerificationKey should either return a key or throw an error

It shouldn't be possibly to return any falsey value for key - so the types look ok to me

adamjmcgrath · 2022-10-10T12:23:18Z

Ah no, my bad - I see what you mean

AaronMoat mentioned this issue Oct 10, 2022

Fix GetVerificationKey typing to include undefined #329

Merged

2 tasks

adamjmcgrath added the question label Oct 10, 2022

adamjmcgrath added bug and removed question labels Oct 10, 2022

adamjmcgrath closed this as completed in #329 Oct 10, 2022

kylerm42 mentioned this issue Oct 13, 2022

update GetVerificationKey type to match node-jwks-rsa auth0/express-jwt#305

Merged

3 tasks

Provide feedback