public class FirebaseJwtTokenDecoder extends Object implements org.springframework.security.oauth2.jwt.JwtDecoder
Jwt
token. This decoder downloads public keys from
https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com. Keys
are rotated often, and expiration date is returned as part of a Cache-Control max-age header. The
keys are cached locally and only refreshed when the expiration time is past. Besides using the
RSA keys to validate the token signature, this decoder also uses a pre=configured DelegatingOAuth2TokenValidator
to validate all the
claims. The following validators are used by this class: JwtTimestampValidator
- Validates the expiration date of
the Token JwtIssuerValidator
- Validates the iss
claim header FirebaseTokenValidator
- Validates all other headers according to definition
at https://firebase.google.com/docs/auth/admin/verify-id-tokensConstructor and Description |
---|
FirebaseJwtTokenDecoder(org.springframework.web.client.RestOperations restClient,
String googlePublicKeysEndpoint,
org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt> tokenValidator) |
Modifier and Type | Method and Description |
---|---|
org.springframework.security.oauth2.jwt.Jwt |
decode(String token) |
public FirebaseJwtTokenDecoder(org.springframework.web.client.RestOperations restClient, String googlePublicKeysEndpoint, org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt> tokenValidator)
public org.springframework.security.oauth2.jwt.Jwt decode(String token) throws org.springframework.security.oauth2.jwt.JwtException
decode
in interface org.springframework.security.oauth2.jwt.JwtDecoder
org.springframework.security.oauth2.jwt.JwtException
Copyright © 2022. All rights reserved.