Merge branch 'JackuB-empty_secretOrPublicKey'

Author: jfromaniello

index.js

@@ -122,6 +122,10 @@ JWT.verify = function(jwtString, secretOrPublicKey, options, callback) {
     return done(new JsonWebTokenError('jwt signature is required'));
   }
 
+  if (!secretOrPublicKey) {
+    return done(new JsonWebTokenError('secret or public key must be provided'));
+  }
+
   if (!options.algorithms) {
     options.algorithms = ~secretOrPublicKey.toString().indexOf('BEGIN CERTIFICATE') ||
                          ~secretOrPublicKey.toString().indexOf('BEGIN PUBLIC KEY') ?

test/undefined_secretOrPublickey.tests.js

@@ -0,0 +1,20 @@
+var fs = require('fs');
+var jwt = require('../index');
+var JsonWebTokenError = require('../lib/JsonWebTokenError');
+var expect = require('chai').expect;
+
+var TOKEN = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.t-IDcSemACt8x4iTMCda8Yhe3iZaWbvV5XKSTbuAn0M';
+
+describe('verifying without specified secret or public key', function () {
+  it('should not verify null', function () {
+    expect(function () {
+      jwt.verify(TOKEN, null);
+    }).to.throw(JsonWebTokenError, /secret or public key must be provided/);
+  });
+
+  it('should not verify undefined', function () {
+    expect(function () {
+      jwt.verify(TOKEN);
+    }).to.throw(JsonWebTokenError, /secret or public key must be provided/);
+  });
+});