fix(getToken): make 'secret' optional when raw JWT is requested (#11894)

* fix(getToken): make 'secret' optional when raw JWT is requested

* Update jwt.ts

---------

Co-authored-by: Balázs Orbán <[email protected]>

Author: alimorgaan

packages/core/src/jwt.ts

@@ -108,7 +108,7 @@ export async function decode<Payload = JWT>(
 }
 
 type GetTokenParamsBase = {
-  secret: JWTDecodeParams["secret"]
+  secret?: JWTDecodeParams["secret"]
   salt?: JWTDecodeParams["salt"]
 }
 
@@ -155,8 +155,6 @@ export async function getToken(
   } = params
 
   if (!req) throw new Error("Must pass `req` to JWT getToken()")
-  if (!secret)
-    throw new MissingSecret("Must pass `secret` if not set to JWT getToken()")
 
   const headers =
     req.headers instanceof Headers ? req.headers : new Headers(req.headers)
@@ -180,6 +178,9 @@ export async function getToken(
 
   if (raw) return token
 
+  if (!secret)
+    throw new MissingSecret("Must pass `secret` if not set to JWT getToken()")
+
   try {
     return await _decode({ token, secret, salt })
   } catch {