public class FirebaseJwtTokenDecoder
Decodes a Firebase token into a Jwt token.
This decoder downloads public keys from https://firstname.lastname@example.org.
Keys are rotated often, and expiration date is returned as part of a Cache-Control max-age header.
The keys are cached locally and only refreshed when the expiration time is past.
Besides using the RSA keys to validate the token signature, this decoder also uses a pre=configured DelegatingOAuth2TokenValidator
to validate all the claims.
The following validators are used by this class:
JwtTimestampValidator - Validates the expiration date of the Token
JwtIssuerValidator - Validates the iss claim header
FirebaseTokenValidator - Validates all other headers according to definition at https://firebase.google.com/docs/auth/admin/verify-id-tokens