java source code of FirebaseTokenFactory

firebase-admin-java-master
- NOTICE.txt
- .github
  - resources
    - settings.xml
    - integ-service-account.json.gpg
    - firebase.asc.gpg
  - workflows
    - ci.yml
    - release.yml
  - scripts
    - generate_changelog.sh
    - publish_artifacts.sh
    - publish_preflight_check.sh
    - package_artifacts.sh
- src
  - main
    - resources
      - admin_sdk.properties
    - java
      - com
        google
        firebase
        database
        OnDisconnect.java
        ServerValue.java
        GenericTypeIndicator.java
        DatabaseError.java
        DatabaseReference.java
        Transaction.java
        PropertyName.java
        Exclude.java
        Query.java
        InternalHelpers.java
        util
        JsonMapper.java
        package-info.java
        EmulatorHelper.java
        GAuthToken.java
        connection
        WebsocketConnection.java
        HostInfo.java
        ConnectionAuthTokenProvider.java
        RequestResultCallback.java
        CompoundHash.java
        Constants.java
        util
        package-info.java
        RetryHelper.java
        ConnectionUtils.java
        Connection.java
        PersistentConnection.java
        package-info.java
        PersistentConnectionImpl.java
        ListenHashProvider.java
        ConnectionContext.java
        RangeMerge.java
        NettyWebSocketClient.java
        IgnoreExtraProperties.java
        collection
        LLRBBlackValueNode.java
        StandardComparator.java
        ImmutableSortedSet.java
        LLRBNode.java
        LLRBRedValueNode.java
        ImmutableSortedMap.java
        RBTreeSortedMap.java
        package-info.java
        ImmutableSortedMapIterator.java
        LLRBEmptyNode.java
        LLRBValueNode.java
        ArraySortedMap.java
        ChildEventListener.java
        FirebaseDatabase.java
        snapshot
        PriorityIndex.java
        ValueIndex.java
        ChildKey.java
        PriorityUtilities.java
        LongNode.java
        PathIndex.java
        Index.java
        CompoundHash.java
        EmptyNode.java
        Node.java
        LeafNode.java
        package-info.java
        NamedNode.java
        ChildrenNode.java
        DoubleNode.java
        StringNode.java
        IndexedNode.java
        RangeMerge.java
        NodeUtilities.java
        BooleanNode.java
        DeferredValueNode.java
        KeyIndex.java
        DatabaseException.java
        annotations
        NotNull.java
        Nullable.java
        package-info.java
        core
        DatabaseConfig.java
        WriteTree.java
        ChildEventRegistration.java
        ValidationPath.java
        RepoManager.java
        ThreadPoolEventTarget.java
        AuthTokenProvider.java
        UserWriteRecord.java
        ZombieEventManager.java
        SparseSnapshotTree.java
        Context.java
        SnapshotHolder.java
        Platform.java
        ValueEventRegistration.java
        RunLoop.java
        CompoundWrite.java
        Constants.java
        WriteTreeRef.java
        EventRegistrationZombieListener.java
        SyncTree.java
        ServerValues.java
        Repo.java
        JvmAuthTokenProvider.java
        package-info.java
        view
        ViewCache.java
        DataEvent.java
        EventRaiser.java
        Event.java
        CacheNode.java
        ViewProcessor.java
        QueryParams.java
        QuerySpec.java
        package-info.java
        View.java
        EventGenerator.java
        filter
        ChildChangeAccumulator.java
        RangedFilter.java
        package-info.java
        LimitedFilter.java
        NodeFilter.java
        IndexedFilter.java
        Change.java
        CancelEvent.java
        EventTarget.java
        Tag.java
        EventRegistration.java
        operation
        Overwrite.java
        Operation.java
        Merge.java
        ListenComplete.java
        package-info.java
        OperationSource.java
        AckUserWrite.java
        Path.java
        RepoInfo.java
        SyncPoint.java
        utilities
        TreeNode.java
        Tree.java
        package-info.java
        ImmutableTree.java
        Predicate.java
        persistence
        TrackedQueryManager.java
        TrackedQuery.java
        PersistenceManager.java
        PersistenceStorageEngine.java
        package-info.java
        DefaultPersistenceManager.java
        LRUCachePolicy.java
        CachePolicy.java
        NoopPersistenceManager.java
        PruneForest.java
        JvmPlatform.java
        MutableData.java
        ThrowOnExtraProperties.java
        ValueEventListener.java
        DataSnapshot.java
        utilities
        PushIdGenerator.java
        OffsetClock.java
        Utilities.java
        package-info.java
        NodeSizeEstimator.java
        DefaultClock.java
        DefaultRunLoop.java
        ParsedUrl.java
        Pair.java
        Clock.java
        Validation.java
        encoding
        CustomClassMapper.java
        package-info.java
        FirebaseException.java
        projectmanagement
        IosAppMetadata.java
        FirebaseProjectManagement.java
        FirebaseProjectManagementException.java
        IosAppService.java
        AndroidAppMetadata.java
        ShaCertificate.java
        ShaCertificateType.java
        IosApp.java
        Scheduler.java
        HttpHelper.java
        AndroidAppService.java
        FirebaseProjectManagementServiceImpl.java
        AndroidApp.java
        ImplFirebaseTrampolines.java
        FirebaseApp.java
        FirebaseOptions.java
        cloud
        StorageClient.java
        FirestoreClient.java
        iid
        FirebaseInstanceIdException.java
        FirebaseInstanceId.java
        internal
        FirebaseService.java
        ListenableFuture2ApiFuture.java
        FirebaseScheduledExecutor.java
        ApiClientUtils.java
        RetryConfig.java
        Nullable.java
        package-info.java
        DateUtils.java
        NonNull.java
        FirebaseThreadManagers.java
        CallableOperation.java
        RetryUnsuccessfulResponseHandler.java
        FirebaseRequestInitializer.java
        RetryInitializer.java
        GuardedBy.java
        FirebaseAppStore.java
        SdkUtils.java
        FirebaseAppLifecycleListener.java
        auth
        ProviderUserInfo.java
        FirebaseAuthException.java
        UserImportResult.java
        UserImportHash.java
        SessionCookieOptions.java
        ProviderIdentifier.java
        EmailIdentifier.java
        UserRecord.java
        ExportedUserRecord.java
        FirebaseTokenUtils.java
        UidIdentifier.java
        FirebaseAuth.java
        ImportUserRecord.java
        FirebaseUserManager.java
        GetUsersResult.java
        ActionCodeSettings.java
        FirebaseTokenVerifier.java
        UserMetadata.java
        internal
        UploadAccountResponse.java
        CryptoSigner.java
        HttpErrorResponse.java
        FirebaseTokenFactory.java
        GetAccountInfoResponse.java
        FirebaseCustomAuthToken.java
        DownloadAccountResponse.java
        package-info.java
        CryptoSigners.java
        GetAccountInfoRequest.java
        BatchDeleteResponse.java
        FirebaseToken.java
        UserInfo.java
        UserImportOptions.java
        DeleteUsersResult.java
        UserIdentifier.java
        RevocationCheckDecorator.java
        PhoneIdentifier.java
        ListUsersPage.java
        UserProvider.java
        hash
        PbkdfSha1.java
        HmacSha512.java
        HmacSha256.java
        Scrypt.java
        Sha1.java
        StandardScrypt.java
        Pbkdf2Sha256.java
        Sha256.java
        Hmac.java
        HmacMd5.java
        Sha512.java
        RepeatableHash.java
        HmacSha1.java
        Md5.java
        Bcrypt.java
        ErrorInfo.java
        FirebaseTokenVerifierImpl.java
        ThreadManager.java
        messaging
        AndroidFcmOptions.java
        BatchResponse.java
        FirebaseMessagingClientImpl.java
        WebpushConfig.java
        WebpushNotification.java
        SendResponse.java
        Notification.java
        ApsAlert.java
        BatchResponseImpl.java
        ApnsConfig.java
        CriticalSound.java
        LightSettingsColor.java
        FirebaseMessaging.java
        InstanceIdClientImpl.java
        Aps.java
        FirebaseMessagingClient.java
        Message.java
        ApnsFcmOptions.java
        FirebaseMessagingException.java
        internal
        MessagingServiceErrorResponse.java
        package-info.java
        MessagingServiceResponse.java
        AndroidConfig.java
        TopicManagementResponse.java
        MulticastMessage.java
        WebpushFcmOptions.java
        FcmOptions.java
        AndroidNotification.java
        LightSettings.java
        FcmOptionsUtil.java
        InstanceIdClient.java
  - test
    - resources
      - firebase_config_invalid.json
      - service_accounts
        viewer_public_key.pem
        editor_public_key.pem
        owner.json
        none.json
        none_public_key.pem
        editor.json
        viewer.json
        owner_public_key.pem
      - createSessionCookie.json
      - deleteUser.json
      - generateEmailLink.json
      - fcm_batch_failure.txt
      - getUser.json
      - createUser.json
      - firebase_config.json
      - getUserError.json
      - listUsers.json
      - importUsersError.json
      - fcm_batch_success.txt
      - firebase_config_empty.json
      - syncPointSpec.json
      - firebase_config_partial.json
      - firebase_config_invalid_key.json
    - java
      - com
        google
        firebase
        TestOnlyImplFirebaseTrampolines.java
        database
        future
        ReadFuture.java
        WriteFuture.java
        TestChildEventListener.java
        TestHelpers.java
        ValueExpectationHelper.java
        UtilitiesTest.java
        integration
        InfoTestIT.java
        EventTestIT.java
        FirebaseDatabaseTestIT.java
        OrderByTestIT.java
        EventHelper.java
        RulesTestIT.java
        ShutdownExample.java
        QueryTestIT.java
        TransactionTestIT.java
        OrderTestIT.java
        RealtimeTestIT.java
        FirebaseDatabaseAuthTestIT.java
        DataTestIT.java
        EventRecord.java
        util
        GAuthTokenTest.java
        EmulatorHelperTest.java
        JsonMapperTest.java
        connection
        ConnectionUtilsTest.java
        ListenAggregator.java
        WebsocketConnectionTest.java
        PersistentConnectionTest.java
        ConnectionTest.java
        MutableDataTest.java
        collection
        ArraySortedMapTest.java
        ImmutableSortedSetTest.java
        RBTreeSortedMapTest.java
        DataSnapshotTest.java
        ObjectMapTest.java
        DatabaseErrorTest.java
        QueryTest.java
        OnDisconnectTest.java
        MapBuilder.java
        snapshot
        NodeTest.java
        CompoundHashTest.java
        core
        CoreTestHelpers.java
        SyncPointTest.java
        RangeMergeTest.java
        JvmPlatformTest.java
        view
        QueryParamsTest.java
        ViewAccess.java
        PathTest.java
        JvmAuthTokenProviderTest.java
        RepoTest.java
        RandomOperationGenerator.java
        RepoInfoTest.java
        ZombieVerifier.java
        CompoundWriteTest.java
        utilities
        TreeTest.java
        TestClock.java
        persistence
        TestCachePolicy.java
        TrackedQueryManagerTest.java
        MockPersistenceStorageEngine.java
        RandomPersistenceTest.java
        PruneForestTest.java
        MockListenProvider.java
        DefaultPersistenceManagerTest.java
        KeepSyncedTestIT.java
        RandomViewProcessorTest.java
        DatabaseReferenceTest.java
        TestTokenProvider.java
        FirebaseDatabaseTest.java
        MapperTest.java
        utilities
        UtilitiesTest.java
        PushIdGeneratorTest.java
        PairTest.java
        NodeSizeEstimatorTest.java
        DefaultRunLoopTest.java
        ValidationTest.java
        TestFailure.java
        projectmanagement
        IosAppTest.java
        ShaCertificateTest.java
        FirebaseProjectManagementTest.java
        FirebaseProjectManagementIT.java
        FirebaseProjectManagementServiceImplTest.java
        AndroidAppTest.java
        FirebaseAppTest.java
        snippets
        FirebaseMessagingSnippets.java
        FirebaseStorageSnippets.java
        FirebaseAppSnippets.java
        FirebaseAuthSnippets.java
        FirebaseDatabaseSnippets.java
        cloud
        FirestoreClientTest.java
        StorageClientIT.java
        StorageClientTest.java
        FirestoreClientIT.java
        iid
        FirebaseInstanceIdIT.java
        FirebaseInstanceIdTest.java
        internal
        TestApiClientUtils.java
        FirebaseThreadManagersTest.java
        RetryInitializerTest.java
        RetryUnsuccessfulResponseHandlerTest.java
        CountingLowLevelHttpRequest.java
        ApiClientUtilsTest.java
        CallableOperationTest.java
        FirebaseRequestInitializerTest.java
        RetryConfigTest.java
        FirebaseAppStoreTest.java
        DateUtilsTest.java
        FirebaseOptionsTest.java
        ThreadManagerTest.java
        auth
        UserImportHashTest.java
        ImportUserRecordTest.java
        FirebaseUserManagerTest.java
        FirebaseTokenUtilsTest.java
        FirebaseCustomTokenTest.java
        ActionCodeSettingsTest.java
        FirebaseAuthIT.java
        FirebaseTokenVerifierImplTest.java
        ListUsersPageTest.java
        GetUsersIT.java
        MockGoogleCredentials.java
        internal
        CryptoSignersTest.java
        FirebaseTokenFactoryTest.java
        TestTokenFactory.java
        UserImportOptionsTest.java
        UserRecordTest.java
        hash
        InvalidHashTest.java
        FirebaseTokenTest.java
        FirebaseAuthTest.java
        UserProviderTest.java
        CodeCoverageReporter.java
        messaging
        SendResponseTest.java
        FirebaseMessagingIT.java
        MulticastMessageTest.java
        InstanceIdClientImplTest.java
        MessageTest.java
        BatchResponseTest.java
        FirebaseMessagingClientImplTest.java
        FirebaseMessagingTest.java
        testing
        MultiRequestMockHttpTransport.java
        TestUtils.java
        TestResponseInterceptor.java
        ServiceAccount.java
        GenericFunction.java
        FirebaseAppRule.java
        MockitoTestRule.java
        IntegrationTestUtils.java
- PULL_REQUEST_TEMPLATE.md
- checkstyle.xml
- pom.xml
- LICENSE
- CONTRIBUTING.md
- ISSUE_TEMPLATE.md
- prepare_release.sh
- README.md
- .opensource
  - project.json
- .gitignore

/*
 * Copyright 2017 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.google.firebase.auth.internal;

import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;

import com.google.api.client.json.GenericJson;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.google.api.client.util.Base64;
import com.google.api.client.util.Clock;
import com.google.api.client.util.StringUtils;

import com.google.common.base.Strings;
import java.io.IOException;
import java.util.Collection;
import java.util.Map;

/**
 * Provides helper methods to simplify the creation of Firebase custom auth tokens.
 *
 * <p>This class is designed to hide underlying implementation details from a Firebase developer.
 */
public class FirebaseTokenFactory {

  private final JsonFactory jsonFactory;
  private final Clock clock;
  private final CryptoSigner signer;

  public FirebaseTokenFactory(JsonFactory jsonFactory, Clock clock, CryptoSigner signer) {
    this.jsonFactory = checkNotNull(jsonFactory);
    this.clock = checkNotNull(clock);
    this.signer = checkNotNull(signer);
  }

  String createSignedCustomAuthTokenForUser(String uid) throws IOException {
    return createSignedCustomAuthTokenForUser(uid, null);
  }

  public String createSignedCustomAuthTokenForUser(
      String uid, Map<String, Object> developerClaims) throws IOException {
    checkArgument(!Strings.isNullOrEmpty(uid), "Uid must be provided.");
    checkArgument(uid.length() <= 128, "Uid must be shorter than 128 characters.");

    JsonWebSignature.Header header = new JsonWebSignature.Header().setAlgorithm("RS256");

    final long issuedAt = clock.currentTimeMillis() / 1000;
    FirebaseCustomAuthToken.Payload payload =
        new FirebaseCustomAuthToken.Payload()
            .setUid(uid)
            .setIssuer(signer.getAccount())
            .setSubject(signer.getAccount())
            .setAudience(FirebaseCustomAuthToken.FIREBASE_AUDIENCE)
            .setIssuedAtTimeSeconds(issuedAt)
            .setExpirationTimeSeconds(issuedAt + FirebaseCustomAuthToken.TOKEN_DURATION_SECONDS);

    if (developerClaims != null) {
      Collection<String> reservedNames = payload.getClassInfo().getNames();
      for (String key : developerClaims.keySet()) {
        if (reservedNames.contains(key)) {
          throw new IllegalArgumentException(
              String.format("developerClaims must not contain a reserved key: %s", key));
        }
      }
      GenericJson jsonObject = new GenericJson();
      jsonObject.putAll(developerClaims);
      payload.setDeveloperClaims(jsonObject);
    }
    return signPayload(header, payload);
  }

  private String signPayload(JsonWebSignature.Header header,
      FirebaseCustomAuthToken.Payload payload) throws IOException {
    String headerString = Base64.encodeBase64URLSafeString(jsonFactory.toByteArray(header));
    String payloadString = Base64.encodeBase64URLSafeString(jsonFactory.toByteArray(payload));
    String content = headerString + "." + payloadString;
    byte[] contentBytes = StringUtils.getBytesUtf8(content);
    String signature = Base64.encodeBase64URLSafeString(signer.sign(contentBytes));
    return content + "." + signature;
  }
}