Package com.google.cloud.spring.security.firebase

Class FirebaseTokenValidator

java.lang.Object

com.google.cloud.spring.security.firebase.FirebaseTokenValidator

All Implemented Interfaces:

org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>

public class FirebaseTokenValidator
extends Object
implements org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>

Validates Firebase JWT tokens using the rules presented here at https://firebase.google.com/docs/auth/admin/verify-id-tokens.

This validator will check the following claims:

• iat : Must be in the past
• aud : Must be the firebase project id
• auth_time : Must be in the past
• sub : Must not be empty

Since:

1.2.2

Constructor Summary

Constructors

Constructor	Description
FirebaseTokenValidator(String projectId)
FirebaseTokenValidator(String projectId, Duration clockSkew)

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.core.OAuth2TokenValidatorResult	validate(org.springframework.security.oauth2.jwt.Jwt token)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

FirebaseTokenValidator

public FirebaseTokenValidator(String projectId)

FirebaseTokenValidator

public FirebaseTokenValidator(String projectId,
 Duration clockSkew)

Method Details

validate

public org.springframework.security.oauth2.core.OAuth2TokenValidatorResult validate(org.springframework.security.oauth2.jwt.Jwt token)

Specified by:

validate in interface org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>