You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 21, 2022. It is now read-only.
So I recently came across a test case that triggered a nil pointer dereference. This issue is not really in the package itself, but I believe the package is a bit misleading and the documented examples do not account for this:
If you use jwt.Parse() with an improperly formatted string, for example "totallynotvalid", Parse() returns an nil token and a populated err. If you then try and check token.Valid it will panic as token is nil.
I don't think this is a design flaw per se, but the documentation examples do not check err, and only check token.Valid which is misleading IMO.
I'd recommend returning a basic token with .Valid = false, OR at the very least change the documentation for all these methods to warn users it may return a nil token and err needs to be checked before dereferencing.
The text was updated successfully, but these errors were encountered:
So I recently came across a test case that triggered a nil pointer dereference. This issue is not really in the package itself, but I believe the package is a bit misleading and the documented examples do not account for this:
If you use jwt.Parse() with an improperly formatted string, for example "totallynotvalid", Parse() returns an nil token and a populated err. If you then try and check token.Valid it will panic as token is nil.
I don't think this is a design flaw per se, but the documentation examples do not check err, and only check token.Valid which is misleading IMO.
I'd recommend returning a basic token with .Valid = false, OR at the very least change the documentation for all these methods to warn users it may return a nil token and err needs to be checked before dereferencing.
The text was updated successfully, but these errors were encountered: