com.google.api.client.auth.openidconnect.IdTokenVerifier Java Examples

The following examples show how to use com.google.api.client.auth.openidconnect.IdTokenVerifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 6 votes vote down vote up 
static FirebaseTokenVerifierImpl createIdTokenVerifier(FirebaseApp app, Clock clock) {
  String projectId = ImplFirebaseTrampolines.getProjectId(app);
  checkState(!Strings.isNullOrEmpty(projectId),
      "Must initialize FirebaseApp with a project ID to call verifyIdToken()");
  IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
      clock, ID_TOKEN_ISSUER_PREFIX, projectId);
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
      app.getOptions(), clock, ID_TOKEN_CERT_URL);
  return FirebaseTokenVerifierImpl.builder()
      .setShortName("ID token")
      .setMethod("verifyIdToken()")
      .setDocUrl("https://firebase.google.com/docs/auth/admin/verify-id-tokens")
      .setJsonFactory(app.getOptions().getJsonFactory())
      .setPublicKeysManager(publicKeysManager)
      .setIdTokenVerifier(idTokenVerifier)
      .build();
}
Example #2
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 6 votes vote down vote up 
static FirebaseTokenVerifierImpl createSessionCookieVerifier(FirebaseApp app, Clock clock) {
  String projectId = ImplFirebaseTrampolines.getProjectId(app);
  checkState(!Strings.isNullOrEmpty(projectId),
      "Must initialize FirebaseApp with a project ID to call verifySessionCookie()");
  IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
      clock, SESSION_COOKIE_ISSUER_PREFIX, projectId);
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
      app.getOptions(), clock, SESSION_COOKIE_CERT_URL);
  return FirebaseTokenVerifierImpl.builder()
      .setJsonFactory(app.getOptions().getJsonFactory())
      .setPublicKeysManager(publicKeysManager)
      .setIdTokenVerifier(idTokenVerifier)
      .setShortName("session cookie")
      .setMethod("verifySessionCookie()")
      .setDocUrl("https://firebase.google.com/docs/auth/admin/manage-cookies")
      .build();
}
Example #3
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up 
private static IdTokenVerifier newIdTokenVerifier(
    Clock clock, String issuerPrefix, String projectId) {
  return new IdTokenVerifier.Builder()
      .setClock(clock)
      .setAudience(ImmutableList.of(projectId))
      .setIssuer(issuerPrefix + projectId)
      .build();
}
Example #4
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up 
private IdTokenVerifier newIdTokenVerifier() {
  return new IdTokenVerifier.Builder()
        .setClock(TestTokenFactory.CLOCK)
        .setAudience(ImmutableList.of(TestTokenFactory.PROJECT_ID))
        .setIssuer(TEST_TOKEN_ISSUER)
        .build();
}
Example #5
Source File: OIDCRequestManager.java    From android-java-connect-rest-sample with MIT License 5 votes vote down vote up 
/**
 * Validates an IdToken.
 * TODO: Look into verifying the token nonce as well?
 *
 * @param idTokenString the IdToken to validate
 * @return true if the idToken is valid, false otherwise.
 * @throws IOException when the IdToken can not be parse.
 * @see IdTokenVerifier#verify(IdToken)
 */
private boolean isValidIdToken(@NonNull String idTokenString) throws IOException {

    List<String> audiences = Collections.singletonList(clientId);
    IdTokenVerifier verifier = new IdTokenVerifier.Builder()
            .setAudience(audiences)
            .setAcceptableTimeSkewSeconds(1000)
            .setIssuer(issuerId)
            .build();

    IdToken idToken = IdToken.parse(new GsonFactory(), idTokenString);

    return true;//verifier.verify(idToken);
}
Example #6
Source File: GoogleIdTokenVerifierTest.java    From google-api-java-client with Apache License 2.0 5 votes vote down vote up 
public void testBuilder() throws Exception {
  GoogleIdTokenVerifier.Builder builder = new GoogleIdTokenVerifier.Builder(
      new GooglePublicKeysManagerTest.PublicCertsMockHttpTransport(), new JacksonFactory()).setIssuer(
      ISSUER).setAudience(TRUSTED_CLIENT_IDS);
  assertEquals(Clock.SYSTEM, builder.getClock());
  assertEquals(ISSUER, builder.getIssuer());
  assertTrue(TRUSTED_CLIENT_IDS.equals(builder.getAudience()));
  Clock clock = new FixedClock(4);
  builder.setClock(clock);
  assertEquals(clock, builder.getClock());
  IdTokenVerifier verifier = builder.build();
  assertEquals(clock, verifier.getClock());
  assertEquals(ISSUER, verifier.getIssuer());
  assertEquals(TRUSTED_CLIENT_IDS, Lists.newArrayList(verifier.getAudience()));
}
Example #7
Source File: FirebaseTokenVerifierImpl.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up 
IdTokenVerifier getIdTokenVerifier() {
  return idTokenVerifier;
}
Example #8
Source File: FirebaseTokenVerifierImpl.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up 
Builder setIdTokenVerifier(IdTokenVerifier idTokenVerifier) {
  this.idTokenVerifier = idTokenVerifier;
  return this;
}
Example #9
Source File: FirebaseTokenUtilsTest.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up 
private void verifyJwtVerifier(IdTokenVerifier jwtVerifier, String issuer) {
  assertNotNull(jwtVerifier);
  assertEquals(issuer, jwtVerifier.getIssuer());
  assertEquals(TEST_PROJECT_ID, Iterables.getOnlyElement(jwtVerifier.getAudience()));
  assertSame(CLOCK, jwtVerifier.getClock());
}