Description
The parseJwt function in zmscitizenview/src/utils/auth.ts currently lacks defensive checks and proper error handling, which can lead to uncaught errors when processing malformed tokens.
Problems
-
No token structure validation: token.split(".")[1] will be undefined for malformed tokens, causing .replace() to fail with a cryptic error instead of a clear validation failure.
-
Missing base64url padding handling: atob() throws on improperly padded input, which some JWT payloads require. The function doesn't add proper padding before decoding.
-
No error context: JSON.parse() and atob() errors propagate without context, making debugging difficult for consumers of this function.
Expected Behavior
The function should:
- Validate the token structure before processing
- Handle base64url padding correctly
- Provide clear error messages with context when parsing fails
Related Links
Description
The
parseJwtfunction inzmscitizenview/src/utils/auth.tscurrently lacks defensive checks and proper error handling, which can lead to uncaught errors when processing malformed tokens.Problems
No token structure validation:
token.split(".")[1]will beundefinedfor malformed tokens, causing.replace()to fail with a cryptic error instead of a clear validation failure.Missing base64url padding handling:
atob()throws on improperly padded input, which some JWT payloads require. The function doesn't add proper padding before decoding.No error context:
JSON.parse()andatob()errors propagate without context, making debugging difficult for consumers of this function.Expected Behavior
The function should:
Related Links