Java源码示例:com.google.api.client.auth.openidconnect.IdTokenVerifier
示例1
static FirebaseTokenVerifierImpl createIdTokenVerifier(FirebaseApp app, Clock clock) {
String projectId = ImplFirebaseTrampolines.getProjectId(app);
checkState(!Strings.isNullOrEmpty(projectId),
"Must initialize FirebaseApp with a project ID to call verifyIdToken()");
IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
clock, ID_TOKEN_ISSUER_PREFIX, projectId);
GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
app.getOptions(), clock, ID_TOKEN_CERT_URL);
return FirebaseTokenVerifierImpl.builder()
.setShortName("ID token")
.setMethod("verifyIdToken()")
.setDocUrl("https://firebase.google.com/docs/auth/admin/verify-id-tokens")
.setJsonFactory(app.getOptions().getJsonFactory())
.setPublicKeysManager(publicKeysManager)
.setIdTokenVerifier(idTokenVerifier)
.build();
}
示例2
static FirebaseTokenVerifierImpl createSessionCookieVerifier(FirebaseApp app, Clock clock) {
String projectId = ImplFirebaseTrampolines.getProjectId(app);
checkState(!Strings.isNullOrEmpty(projectId),
"Must initialize FirebaseApp with a project ID to call verifySessionCookie()");
IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
clock, SESSION_COOKIE_ISSUER_PREFIX, projectId);
GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
app.getOptions(), clock, SESSION_COOKIE_CERT_URL);
return FirebaseTokenVerifierImpl.builder()
.setJsonFactory(app.getOptions().getJsonFactory())
.setPublicKeysManager(publicKeysManager)
.setIdTokenVerifier(idTokenVerifier)
.setShortName("session cookie")
.setMethod("verifySessionCookie()")
.setDocUrl("https://firebase.google.com/docs/auth/admin/manage-cookies")
.build();
}
示例3
private static IdTokenVerifier newIdTokenVerifier(
Clock clock, String issuerPrefix, String projectId) {
return new IdTokenVerifier.Builder()
.setClock(clock)
.setAudience(ImmutableList.of(projectId))
.setIssuer(issuerPrefix + projectId)
.build();
}
示例4
private IdTokenVerifier newIdTokenVerifier() {
return new IdTokenVerifier.Builder()
.setClock(TestTokenFactory.CLOCK)
.setAudience(ImmutableList.of(TestTokenFactory.PROJECT_ID))
.setIssuer(TEST_TOKEN_ISSUER)
.build();
}
示例5
/**
* Validates an IdToken.
* TODO: Look into verifying the token nonce as well?
*
* @param idTokenString the IdToken to validate
* @return true if the idToken is valid, false otherwise.
* @throws IOException when the IdToken can not be parse.
* @see IdTokenVerifier#verify(IdToken)
*/
private boolean isValidIdToken(@NonNull String idTokenString) throws IOException {
List<String> audiences = Collections.singletonList(clientId);
IdTokenVerifier verifier = new IdTokenVerifier.Builder()
.setAudience(audiences)
.setAcceptableTimeSkewSeconds(1000)
.setIssuer(issuerId)
.build();
IdToken idToken = IdToken.parse(new GsonFactory(), idTokenString);
return true;//verifier.verify(idToken);
}
示例6
public void testBuilder() throws Exception {
GoogleIdTokenVerifier.Builder builder = new GoogleIdTokenVerifier.Builder(
new GooglePublicKeysManagerTest.PublicCertsMockHttpTransport(), new JacksonFactory()).setIssuer(
ISSUER).setAudience(TRUSTED_CLIENT_IDS);
assertEquals(Clock.SYSTEM, builder.getClock());
assertEquals(ISSUER, builder.getIssuer());
assertTrue(TRUSTED_CLIENT_IDS.equals(builder.getAudience()));
Clock clock = new FixedClock(4);
builder.setClock(clock);
assertEquals(clock, builder.getClock());
IdTokenVerifier verifier = builder.build();
assertEquals(clock, verifier.getClock());
assertEquals(ISSUER, verifier.getIssuer());
assertEquals(TRUSTED_CLIENT_IDS, Lists.newArrayList(verifier.getAudience()));
}
示例7
IdTokenVerifier getIdTokenVerifier() {
return idTokenVerifier;
}
示例8
Builder setIdTokenVerifier(IdTokenVerifier idTokenVerifier) {
this.idTokenVerifier = idTokenVerifier;
return this;
}
示例9
private void verifyJwtVerifier(IdTokenVerifier jwtVerifier, String issuer) {
assertNotNull(jwtVerifier);
assertEquals(issuer, jwtVerifier.getIssuer());
assertEquals(TEST_PROJECT_ID, Iterables.getOnlyElement(jwtVerifier.getAudience()));
assertSame(CLOCK, jwtVerifier.getClock());
}
