com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public final class GoogleIdTokenVerifier
Thread-safe Google ID token verifier.
The public keys are loaded Google's public certificate endpoint at
"https://www.googleapis.com/oauth2/v1/certs". The public keys are cached in this instance
of GoogleIdTokenVerifier. Therefore, for maximum efficiency, applications should use a
single globally-shared instance of the GoogleIdTokenVerifier. Use
verify(GoogleIdToken) or GoogleIdToken.verify(GoogleIdTokenVerifier) to verify a
Google ID token.
Samples usage:
public static GoogleIdTokenVerifier verifier;
public static void initVerifier(
HttpTransport transport, JsonFactory jsonFactory, String clientId) {
verifier = new GoogleIdTokenVerifier(transport, jsonFactory, clientId);
}
public static boolean verifyToken(GoogleIdToken idToken)
throws GeneralSecurityException, IOException {
return verifier.verify(idToken);
}
| Constructor Summary | |
|---|---|
GoogleIdTokenVerifier(HttpTransport transport,
JsonFactory jsonFactory,
String clientId)
Constructor with required parameters. |
|
| Method Summary | |
|---|---|
String |
getClientId()
Returns the client ID or null for none. |
long |
getExpirationTimeMilliseconds()
Returns the expiration time in milliseconds to be used with System.currentTimeMillis()
or 0 for none. |
JsonFactory |
getJsonFactory()
Returns the JSON factory. |
List<PublicKey> |
getPublicKeys()
Returns the public keys or null for none. |
GoogleIdTokenVerifier |
loadPublicCerts()
Downloads the public keys from the public certificates endpoint at "https://www.googleapis.com/oauth2/v1/certs". |
boolean |
verify(GoogleIdToken idToken)
Verifies that the given ID token is valid using verify(GoogleIdToken, String) with the
getClientId(). |
boolean |
verify(GoogleIdToken idToken,
String clientId)
Verifies that the given ID token is valid, using the given client ID. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public GoogleIdTokenVerifier(HttpTransport transport,
JsonFactory jsonFactory,
String clientId)
transport - HTTP transportjsonFactory - JSON factoryclientId - client ID or null for none| Method Detail |
|---|
public JsonFactory getJsonFactory()
public String getClientId()
null for none.
public List<PublicKey> getPublicKeys()
null for none.
public long getExpirationTimeMilliseconds()
System.currentTimeMillis()
or 0 for none.
public boolean verify(GoogleIdToken idToken)
throws GeneralSecurityException,
IOException
verify(GoogleIdToken, String) with the
getClientId().
idToken - Google ID token
true if verified successfully or false if failed
GeneralSecurityException
IOException
public boolean verify(GoogleIdToken idToken,
String clientId)
throws GeneralSecurityException,
IOException
"accounts.google.com".clientId is null.
idToken - Google ID tokenclientId - client ID or null to skip checking it
true if verified successfully or false if failed
GeneralSecurityException
IOException
public GoogleIdTokenVerifier loadPublicCerts()
throws GeneralSecurityException,
IOException
"https://www.googleapis.com/oauth2/v1/certs".
This method is automatically called if the public keys have not yet been initialized or if the expiration time is very close, so normally this doesn't need to be called. Only call this method explicitly to force the public keys to be updated.
GeneralSecurityException
IOException
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||