Class SignedTokenVerificationOptions

Options to use when verifying signed JWTs.

Inheritance

object

SignedTokenVerificationOptions

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.Auth

Assembly: Google.Apis.Auth.dll

Syntax

public sealed class SignedTokenVerificationOptions

Constructors

SignedTokenVerificationOptions()

Creates a new instance of SignedTokenVerificationOptions with default values for all options (or null for those whose default is unset).

Declaration

public SignedTokenVerificationOptions()

SignedTokenVerificationOptions(SignedTokenVerificationOptions)

Creates a new instance of SignedTokenVerificationOptions by copying over all the values from other.

Declaration

public SignedTokenVerificationOptions(SignedTokenVerificationOptions other)

Parameters

Type	Name	Description
SignedTokenVerificationOptions	other	The option set to build this instance from.

Properties

CertificatesUrl

The URL from where to obtain certificates from. May be null, in which case, default certificate locations will be used:

• For RS256 signed certificates, https://www.googleapis.com/oauth2/v3/certs will be used.
• For ES256 signed certificates, https://www.gstatic.com/iap/verify/public_key-jwk will be used.

Declaration

public string CertificatesUrl { get; set; }

Property Value

Type	Description
string

ExpiryClockTolerance

Clock tolerance for the expiration check. Causes a JWT to pass validation up to this duration after it really expired; this is to allow for possible local-client clock skew. Defaults to zero. Internal to be used only for backward compatibility.

Declaration

public TimeSpan ExpiryClockTolerance { get; set; }

Property Value

Type	Description
TimeSpan

IssuedAtClockTolerance

Clock tolerance for the issued-at check. Causes a JWT to pass validation up to this duration before it is really valid; this is to allow for possible local-client clock skew. Defaults to zero. Internal to be used only for backward compatibility.

Declaration

public TimeSpan IssuedAtClockTolerance { get; set; }

Property Value

Type	Description
TimeSpan

TrustedAudiences

Trusted audiences for the token. All the audiences the token is intended for should be in the trusted audiences list. If the list is empty, the token audience won't be verified.

Declaration

public IList<string> TrustedAudiences { get; }

Property Value

Type	Description
IList<string>

TrustedIssuers

List of trusted issuers to verify the token issuer against. The token issuer must be contained in this list. May be null, in which case the token issuer won't be verified.

Declaration

public IList<string> TrustedIssuers { get; }

Property Value

Type	Description
IList<string>