@@ -137,23 +137,33 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke
137
137
}
138
138
139
139
// parse Claims
140
- var claimBytes []byte
141
140
token .Claims = claims
142
141
143
- if claimBytes , err = p .DecodeSegment (parts [1 ]); err != nil {
142
+ claimBytes , err := p .DecodeSegment (parts [1 ])
143
+ if err != nil {
144
144
return token , parts , newError ("could not base64 decode claim" , ErrTokenMalformed , err )
145
145
}
146
- dec := json .NewDecoder (bytes .NewBuffer (claimBytes ))
147
- if p .useJSONNumber {
148
- dec .UseNumber ()
149
- }
150
- // JSON Decode. Special case for map type to avoid weird pointer behavior
151
- if c , ok := token .Claims .(MapClaims ); ok {
152
- err = dec .Decode (& c )
146
+
147
+ // If `useJSONNumber` is enabled then we must use *json.Decoder to decode
148
+ // the claims. However, this comes with a performance penalty so only use
149
+ // it if we must and, otherwise, simple use json.Unmarshal.
150
+ if ! p .useJSONNumber {
151
+ // JSON Unmarshal. Special case for map type to avoid weird pointer behavior.
152
+ if c , ok := token .Claims .(MapClaims ); ok {
153
+ err = json .Unmarshal (claimBytes , & c )
154
+ } else {
155
+ err = json .Unmarshal (claimBytes , & claims )
156
+ }
153
157
} else {
154
- err = dec .Decode (& claims )
158
+ dec := json .NewDecoder (bytes .NewBuffer (claimBytes ))
159
+ dec .UseNumber ()
160
+ // JSON Decode. Special case for map type to avoid weird pointer behavior.
161
+ if c , ok := token .Claims .(MapClaims ); ok {
162
+ err = dec .Decode (& c )
163
+ } else {
164
+ err = dec .Decode (& claims )
165
+ }
155
166
}
156
- // Handle decode error
157
167
if err != nil {
158
168
return token , parts , newError ("could not JSON decode claim" , ErrTokenMalformed , err )
159
169
}
0 commit comments