Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
}
try {
const payload: ClientAuthCode = jwt.verify(
req.code,
authClient.secret,
{
audience: req.clientId,
subject: req.username,
issuer: process.env.JWT_ISSUER,
},
) as ClientAuthCode;
return await this.createJWT(payload, authClient);
} catch (error) {
if (error.name === 'TokenExpiredError') {
throw new HttpErrors.Unauthorized(AuthErrorKeys.CodeExpired);
// eslint-disable-next-line no-prototype-builtins
} else if (HttpErrors.HttpError.prototype.isPrototypeOf(error)) {
throw error;
} else {
throw new HttpErrors.Unauthorized(AuthErrorKeys.InvalidCredentials);
}
}
}