MCPcopy
hub / github.com/simstudioai/sim / resolveUserFromJwt

Function resolveUserFromJwt

apps/sim/lib/auth/hybrid.ts:46–59  ·  view source on GitHub ↗

* Resolves userId from a verified internal JWT token. * Only trusts the userId embedded in the JWT payload — never from user-controlled sources.

(
  verificationUserId: string | null,
  options: { requireWorkflowId?: boolean }
)

Source from the content-addressed store, hash-verified

44 * Only trusts the userId embedded in the JWT payload — never from user-controlled sources.
45 */
46function resolveUserFromJwt(
47 verificationUserId: string | null,
48 options: { requireWorkflowId?: boolean }
49): AuthResult {
50 if (verificationUserId) {
51 return { success: true, userId: verificationUserId, authType: AuthType.INTERNAL_JWT }
52 }
53
54 if (options.requireWorkflowId !== false) {
55 return { success: false, error: 'userId required but not present in JWT' }
56 }
57
58 return { success: true, authType: AuthType.INTERNAL_JWT }
59}
60
61/**
62 * Check for internal JWT authentication only.

Callers 3

checkInternalAuthFunction · 0.85
checkHybridAuthFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected