decode invalid jwt token returns null

tdantas · tdantas · commit 69db3ac363de · 2014-08-03T12:41:04.000+01:00
diff --git a/index.js b/index.js
@@ -1,7 +1,8 @@
 var jws = require('jws');
 
 module.exports.decode = function (jwt) {
-  return jws.decode(jwt).payload;
+  var decoded = jws.decode(jwt);
+  return decoded && decoded.payload;
 };
 
 module.exports.sign = function(payload, secretOrPrivateKey, options) {
diff --git a/test/jwt.rs.tests.js b/test/jwt.rs.tests.js
@@ -135,5 +135,21 @@ describe('RS256', function() {
     });
   });
 
+  describe('when decoding a invalid jwt token', function() {
+    it('should return null', function(done) {
+      var payload = jwt.decode('whatever.token');
+      assert.isNull(payload);
+      done();
+    });
+  });
 
+  describe('when decoding a valid jwt token', function() {
+    it('should return the payload', function(done) {
+      var obj     = { foo: 'bar' };
+      var token   = jwt.sign(obj, priv, { algorithm: 'RS256' });
+      var payload = jwt.decode(token);
+      assert.deepEqual(payload, obj);
+      done();
+    });
+  });
 });
