com.google.api.client.googleapis.auth.oauth2

Class GooglePublicKeysManager

java.lang.Object

com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager

@Beta
public class GooglePublicKeysManager
extends Object

Beta
Thread-safe Google public keys manager.

The public keys are loaded from the public certificates endpoint at getPublicCertsEncodedUrl() and cached in this instance. Therefore, for maximum efficiency, applications should use a single globally-shared instance of the GooglePublicKeysManager.

Since:

1.17

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	GooglePublicKeysManager.Builder Beta Builder for GooglePublicKeysManager.

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	GooglePublicKeysManager(GooglePublicKeysManager.Builder builder)
	GooglePublicKeysManager(HttpTransport transport, JsonFactory jsonFactory)

Method Summary

Modifier and Type	Method and Description
Clock	getClock() Returns the clock.
long	getExpirationTimeMilliseconds() Returns the expiration time in milliseconds to be used with Clock.currentTimeMillis() or 0 for none.
JsonFactory	getJsonFactory() Returns the JSON factory.
String	getPublicCertsEncodedUrl() Returns the public certificates encoded URL.
List<PublicKey>	getPublicKeys() Returns an unmodifiable view of the public keys.
HttpTransport	getTransport() Returns the HTTP transport.
GooglePublicKeysManager	refresh() Forces a refresh of the public certificates downloaded from getPublicCertsEncodedUrl().

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GooglePublicKeysManager

public GooglePublicKeysManager(HttpTransport transport,
                               JsonFactory jsonFactory)

Parameters:

transport - HTTP transport

jsonFactory - JSON factory

GooglePublicKeysManager

protected GooglePublicKeysManager(GooglePublicKeysManager.Builder builder)

Parameters:

builder - builder

Method Detail

getTransport

public final HttpTransport getTransport()

Returns the HTTP transport.

getJsonFactory

public final JsonFactory getJsonFactory()

Returns the JSON factory.

getPublicCertsEncodedUrl

public final String getPublicCertsEncodedUrl()

Returns the public certificates encoded URL.

getClock

public final Clock getClock()

Returns the clock.

getPublicKeys

public final List<PublicKey> getPublicKeys()
                                    throws GeneralSecurityException,
                                           IOException

Returns an unmodifiable view of the public keys.

For efficiency, an in-memory cache of the public keys is used here. If this method is called for the first time, or the certificates have expired since last time it has been called (or are within 5 minutes of expiring), refresh() will be called before returning the value.

Throws:

GeneralSecurityException

IOException

getExpirationTimeMilliseconds

public final long getExpirationTimeMilliseconds()

Returns the expiration time in milliseconds to be used with Clock.currentTimeMillis() or 0 for none.

refresh

public GooglePublicKeysManager refresh()
                                throws GeneralSecurityException,
                                       IOException

Forces a refresh of the public certificates downloaded from getPublicCertsEncodedUrl().

This method is automatically called from getPublicKeys() if the public keys have not yet been initialized or if the expiration time is very close, so normally this doesn't need to be called. Only call this method to explicitly force the public keys to be updated.

Throws:

GeneralSecurityException

IOException