com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager Java Examples

The following examples show how to use com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 6 votes vote down vote up
static FirebaseTokenVerifierImpl createIdTokenVerifier(FirebaseApp app, Clock clock) {
  String projectId = ImplFirebaseTrampolines.getProjectId(app);
  checkState(!Strings.isNullOrEmpty(projectId),
      "Must initialize FirebaseApp with a project ID to call verifyIdToken()");
  IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
      clock, ID_TOKEN_ISSUER_PREFIX, projectId);
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
      app.getOptions(), clock, ID_TOKEN_CERT_URL);
  return FirebaseTokenVerifierImpl.builder()
      .setShortName("ID token")
      .setMethod("verifyIdToken()")
      .setDocUrl("https://firebase.google.com/docs/auth/admin/verify-id-tokens")
      .setJsonFactory(app.getOptions().getJsonFactory())
      .setPublicKeysManager(publicKeysManager)
      .setIdTokenVerifier(idTokenVerifier)
      .build();
}
 
Example #2
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 6 votes vote down vote up
static FirebaseTokenVerifierImpl createSessionCookieVerifier(FirebaseApp app, Clock clock) {
  String projectId = ImplFirebaseTrampolines.getProjectId(app);
  checkState(!Strings.isNullOrEmpty(projectId),
      "Must initialize FirebaseApp with a project ID to call verifySessionCookie()");
  IdTokenVerifier idTokenVerifier = newIdTokenVerifier(
      clock, SESSION_COOKIE_ISSUER_PREFIX, projectId);
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
      app.getOptions(), clock, SESSION_COOKIE_CERT_URL);
  return FirebaseTokenVerifierImpl.builder()
      .setJsonFactory(app.getOptions().getJsonFactory())
      .setPublicKeysManager(publicKeysManager)
      .setIdTokenVerifier(idTokenVerifier)
      .setShortName("session cookie")
      .setMethod("verifySessionCookie()")
      .setDocUrl("https://firebase.google.com/docs/auth/admin/manage-cookies")
      .build();
}
 
Example #3
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 6 votes vote down vote up
@Test
public void verifyTokenCertificateError() {
  MockHttpTransport failingTransport = new MockHttpTransport() {
    @Override
    public LowLevelHttpRequest buildRequest(String method, String url) throws IOException {
      throw new IOException("Expected error");
    }
  };
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(failingTransport);
  FirebaseTokenVerifier idTokenVerifier = newTestTokenVerifier(publicKeysManager);
  String token = tokenFactory.createToken();

  try {
    idTokenVerifier.verifyToken(token);
    Assert.fail("No exception thrown");
  } catch (FirebaseAuthException expected) {
    assertTrue(expected.getCause() instanceof IOException);
    assertEquals("Expected error", expected.getCause().getMessage());
  }
}
 
Example #4
Source File: FirebaseTokenUtils.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
private static GooglePublicKeysManager newPublicKeysManager(
    FirebaseOptions options, Clock clock, String certUrl) {
  return new GooglePublicKeysManager.Builder(
      options.getHttpTransport(), UNQUOTED_CTRL_CHAR_JSON_FACTORY)
      .setClock(clock)
      .setPublicCertsEncodedUrl(certUrl)
      .build();
}
 
Example #5
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
@Before
public void setUp() throws Exception {
  ServiceAccount serviceAccount = ServiceAccount.EDITOR;
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(serviceAccount.getCert());
  this.tokenVerifier = newTestTokenVerifier(publicKeysManager);
  this.tokenFactory = new TestTokenFactory(serviceAccount.getPrivateKey(), TEST_TOKEN_ISSUER);
}
 
Example #6
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
@Test
public void testVerifyTokenIncorrectCert() throws Exception {
  String token = tokenFactory.createToken();
  GooglePublicKeysManager publicKeysManager = newPublicKeysManager(
      ServiceAccount.NONE.getCert());
  FirebaseTokenVerifier tokenVerifier = newTestTokenVerifier(publicKeysManager);

  thrown.expectMessage("Failed to verify the signature of Firebase test token. "
      + "See https://test.doc.url for details on how to retrieve a test token.");
  tokenVerifier.verifyToken(token);
}
 
Example #7
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
private GooglePublicKeysManager newPublicKeysManager(String certificate) {
  String serviceAccountCertificates =
      String.format("{\"%s\" : \"%s\"}", TestTokenFactory.PRIVATE_KEY_ID, certificate);
  HttpTransport transport = new MockHttpTransport.Builder()
      .setLowLevelHttpResponse(
          new MockLowLevelHttpResponse().setContent(serviceAccountCertificates))
      .build();
  return newPublicKeysManager(transport);
}
 
Example #8
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
private GooglePublicKeysManager newPublicKeysManager(HttpTransport transport) {
  return new GooglePublicKeysManager.Builder(
      transport, FirebaseTokenUtils.UNQUOTED_CTRL_CHAR_JSON_FACTORY)
      .setClock(TestTokenFactory.CLOCK)
      .setPublicCertsEncodedUrl("https://test.cert.url")
      .build();
}
 
Example #9
Source File: FirebaseTokenVerifierImplTest.java    From firebase-admin-java with Apache License 2.0 5 votes vote down vote up
private FirebaseTokenVerifier newTestTokenVerifier(GooglePublicKeysManager publicKeysManager) {
  return FirebaseTokenVerifierImpl.builder()
      .setShortName("test token")
      .setMethod("verifyTestToken()")
      .setDocUrl("https://test.doc.url")
      .setJsonFactory(TestTokenFactory.JSON_FACTORY)
      .setPublicKeysManager(publicKeysManager)
      .setIdTokenVerifier(newIdTokenVerifier())
      .build();
}
 
Example #10
Source File: GoogleIdTokenVerifierTest.java    From styx with Apache License 2.0 5 votes vote down vote up
@Before
public void setUp() throws Exception {
  final var keyGen = KeyPairGenerator.getInstance("RSA");
  keyGen.initialize(571);
  KeyPair pair = keyGen.generateKeyPair();
  privateKey = pair.getPrivate();

  final var keysManager = new GooglePublicKeysManager(Utils.getDefaultTransport(), Utils.getDefaultJsonFactory());
  stubPublicKey(keysManager, pair.getPublic());

  verifier = new GoogleIdTokenVerifier(keysManager);
}
 
Example #11
Source File: EndpointsPeerAuthenticator.java    From endpoints-java with Apache License 2.0 5 votes vote down vote up
public EndpointsPeerAuthenticator() {
  Client client = Client.getInstance();
  GooglePublicKeysManager keyManager = new GooglePublicKeysManager.Builder(
      client.getHttpTransport(), client.getJsonFactory()).setPublicCertsEncodedUrl(
      PUBLIC_CERT_URL).build();
  GoogleIdTokenVerifier verifier =
      new GoogleIdTokenVerifier.Builder(keyManager).setIssuer(ISSUER).build();
  jwtAuthenticator = new GoogleJwtAuthenticator(verifier);
}
 
Example #12
Source File: FirebaseTokenVerifierImpl.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up
GooglePublicKeysManager getPublicKeysManager() {
  return publicKeysManager;
}
 
Example #13
Source File: FirebaseTokenVerifierImpl.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up
Builder setPublicKeysManager(GooglePublicKeysManager publicKeysManager) {
  this.publicKeysManager = publicKeysManager;
  return this;
}
 
Example #14
Source File: FirebaseTokenUtilsTest.java    From firebase-admin-java with Apache License 2.0 4 votes vote down vote up
private void verifyPublicKeysManager(GooglePublicKeysManager publicKeysManager, String certUrl) {
  assertNotNull(publicKeysManager);
  assertEquals(certUrl, publicKeysManager.getPublicCertsEncodedUrl());
  assertSame(CLOCK, publicKeysManager.getClock());
  assertTrue(publicKeysManager.getJsonFactory() instanceof GsonFactory);
}
 
Example #15
Source File: GoogleIdTokenVerifierTest.java    From styx with Apache License 2.0 4 votes vote down vote up
private void stubPublicKey(GooglePublicKeysManager keysManager, PublicKey publicKey)
    throws NoSuchFieldException, IllegalAccessException {
  // Reflection is used because final methods make it impossible to mock
  setField(keysManager, "publicKeys", List.of(publicKey));
  setField(keysManager, "expirationTimeMilliseconds", Long.MAX_VALUE);
}
 
Example #16
Source File: GoogleIdTokenVerifierTest.java    From styx with Apache License 2.0 4 votes vote down vote up
private void setField(GooglePublicKeysManager keysManager, String name, Object value)
    throws NoSuchFieldException, IllegalAccessException {
  final var field = GooglePublicKeysManager.class.getDeclaredField(name);
  field.setAccessible(true);
  field.set(keysManager, value);
}