From 3d80039e8b64402b615a924ff82f6562405ff705 Mon Sep 17 00:00:00 2001
From: Jason Creviston <the@j4w8n.com>
Date: Wed, 29 Jan 2025 14:30:10 -0500
Subject: [PATCH] fix: assert type in `decodeJWTPayload` (#1018)

## What kind of change does this PR introduce?

Bug fix

## What is the current behavior?

Type checking and/or linting does not pass for some configurations, per
https://github.com/supabase/auth-js/issues/967 and
https://github.com/supabase/auth-js/issues/1017

## What is the new behavior?

We're now asserting that `parts[1]` is a string (aka isn't undefined),
since we know from a previous check that the array length is 3.

## Additional context

Fixes #967 and fixes #1017

Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
---
 src/lib/helpers.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/helpers.ts b/src/lib/helpers.ts
index dee69fea..c0a948fc 100644
--- a/src/lib/helpers.ts
+++ b/src/lib/helpers.ts
@@ -205,11 +205,11 @@ export function decodeJWTPayload(token: string) {
     throw new Error('JWT is not valid: not a JWT structure')
   }
 
-  if (!base64UrlRegex.test(parts[1])) {
+  if (!base64UrlRegex.test(parts[1] as string)) {
     throw new Error('JWT is not valid: payload is not in base64url format')
   }
 
-  const base64Url = parts[1]
+  const base64Url = parts[1] as string
   return JSON.parse(decodeBase64URL(base64Url))
 }