Package com.google.auth.oauth2
Class TokenVerifier
- java.lang.Object
-
- com.google.auth.oauth2.TokenVerifier
-
public class TokenVerifier extends java.lang.Object
Handle verification of Google-signed JWT tokens.- Since:
- 0.21.0
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
TokenVerifier.Builder
(package private) static class
TokenVerifier.PublicKeyLoader
Custom CacheLoader for mapping certificate urls to the contained public keys.static class
TokenVerifier.VerificationException
Custom exception for wrapping all verification errors.
-
Field Summary
Fields Modifier and Type Field Description private java.lang.String
audience
private java.lang.String
certificatesLocation
private com.google.api.client.util.Clock
clock
private static java.lang.String
FEDERATED_SIGNON_CERT_URL
private static java.lang.String
IAP_CERT_URL
private java.lang.String
issuer
private java.security.PublicKey
publicKey
private com.google.common.cache.LoadingCache<java.lang.String,java.util.Map<java.lang.String,java.security.PublicKey>>
publicKeyCache
private static java.util.Set<java.lang.String>
SUPPORTED_ALGORITHMS
-
Constructor Summary
Constructors Modifier Constructor Description private
TokenVerifier(TokenVerifier.Builder builder)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private java.lang.String
getCertificateLocation(com.google.api.client.json.webtoken.JsonWebSignature jsonWebSignature)
static TokenVerifier.Builder
newBuilder()
com.google.api.client.json.webtoken.JsonWebSignature
verify(java.lang.String token)
Verify an encoded JWT token.
-
-
-
Field Detail
-
IAP_CERT_URL
private static final java.lang.String IAP_CERT_URL
- See Also:
- Constant Field Values
-
FEDERATED_SIGNON_CERT_URL
private static final java.lang.String FEDERATED_SIGNON_CERT_URL
- See Also:
- Constant Field Values
-
SUPPORTED_ALGORITHMS
private static final java.util.Set<java.lang.String> SUPPORTED_ALGORITHMS
-
audience
private final java.lang.String audience
-
certificatesLocation
private final java.lang.String certificatesLocation
-
issuer
private final java.lang.String issuer
-
publicKey
private final java.security.PublicKey publicKey
-
clock
private final com.google.api.client.util.Clock clock
-
publicKeyCache
private final com.google.common.cache.LoadingCache<java.lang.String,java.util.Map<java.lang.String,java.security.PublicKey>> publicKeyCache
-
-
Constructor Detail
-
TokenVerifier
private TokenVerifier(TokenVerifier.Builder builder)
-
-
Method Detail
-
newBuilder
public static TokenVerifier.Builder newBuilder()
-
verify
public com.google.api.client.json.webtoken.JsonWebSignature verify(java.lang.String token) throws TokenVerifier.VerificationException
Verify an encoded JWT token.- Parameters:
token
- encoded JWT token- Returns:
- the parsed JsonWebSignature instance for additional validation if necessary
- Throws:
TokenVerifier.VerificationException
- thrown if any verification fails
-
getCertificateLocation
private java.lang.String getCertificateLocation(com.google.api.client.json.webtoken.JsonWebSignature jsonWebSignature) throws TokenVerifier.VerificationException
-
-