public class FirebaseJwtTokenDecoder extends Object implements org.springframework.security.oauth2.jwt.JwtDecoder
Jwt token. This decoder downloads public keys from
https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com. Keys
are rotated often, and expiration date is returned as part of a Cache-Control max-age header. The
keys are cached locally and only refreshed when the expiration time is past. Besides using the
RSA keys to validate the token signature, this decoder also uses a pre=configured DelegatingOAuth2TokenValidator to validate all the
claims. The following validators are used by this class:
JwtTimestampValidator - Validates the
expiration date of the Token JwtIssuerValidator - Validates the iss
claim headerFirebaseTokenValidator - Validates all other headers according to definition at
https://firebase.google.com/docs/auth/admin/verify-id-tokens| Constructor and Description |
|---|
FirebaseJwtTokenDecoder(org.springframework.web.client.RestOperations restClient,
String googlePublicKeysEndpoint,
org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt> tokenValidator) |
| Modifier and Type | Method and Description |
|---|---|
org.springframework.security.oauth2.jwt.Jwt |
decode(String token) |
public FirebaseJwtTokenDecoder(org.springframework.web.client.RestOperations restClient,
String googlePublicKeysEndpoint,
org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt> tokenValidator)
public org.springframework.security.oauth2.jwt.Jwt decode(String token) throws org.springframework.security.oauth2.jwt.JwtException
decode in interface org.springframework.security.oauth2.jwt.JwtDecoderorg.springframework.security.oauth2.jwt.JwtExceptionCopyright © 2023. All rights reserved.