feat: add TokenVerifier class that can verify RS256/ES256 tokens #420

Merged
chingor13 merged 21 commits into googleapis:master from verify-id-token-instance on Jun 24, 2020

@chingor13 chingor13 commented Apr 24, 2020

Exposes interface for validating Google signed RS256/ES256 JWT tokens.

This implementation returns a JsonWebSignature instance (from google-http-client) on success and throws a VerificationException on any error.

Usage:

```java
TokenVerifier tokenVerifier = TokenVerifier.newBuilder()
  .setAudience("audience-to-verify")
  .setIssuer("issuer-to-verify")
  .build();
try {
  JsonWebSignature jsonWebSignature = tokenVerifier.verify(tokenString);
  // optionally verify additional claims
  JsonWebToken.Payload claims = jsonWebSignature.getPayload();
} catch (TokenVerifier.VerificationException e) {
  // invalid token
}
```

Fixes #85

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Apr 24, 2020
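
One way a caller might use the verifier described in this PR to gate a request, with the "optionally verify additional claims" step filled in. This is an added example, not code from the PR or the library; the `IdTokenGate` class, the `email_verified` and `hd` claim policy, and the mapping to `SecurityException` are assumptions of the example.

```java
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.google.api.client.json.webtoken.JsonWebToken;
import com.google.auth.oauth2.TokenVerifier;
import java.util.Objects;

/** Added example: hypothetical fail-closed gate around TokenVerifier (not library code). */
public final class IdTokenGate {
  private final TokenVerifier verifier;
  private final String requiredDomain; // assumption: policy admits a single hosted domain

  public IdTokenGate(String audience, String issuer, String requiredDomain) {
    // Pin audience and issuer at construction so no call site can skip them.
    this.verifier =
        TokenVerifier.newBuilder().setAudience(audience).setIssuer(issuer).build();
    this.requiredDomain = Objects.requireNonNull(requiredDomain);
  }

  /** Returns the token's subject, or throws SecurityException if any check fails. */
  public String authenticate(String authorizationHeader) {
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
      throw new SecurityException("missing bearer token");
    }
    String token = authorizationHeader.substring("Bearer ".length()).trim();

    JsonWebSignature jws;
    try {
      // Throws on any verification error, per the PR description.
      jws = verifier.verify(token);
    } catch (TokenVerifier.VerificationException e) {
      throw new SecurityException("token rejected", e);
    }

    // Additional claims are application policy; read them only after verify() succeeds.
    JsonWebToken.Payload claims = jws.getPayload();
    // Boolean.TRUE.equals rejects an absent claim and any non-boolean value such as "true".
    if (!Boolean.TRUE.equals(claims.get("email_verified"))) {
      throw new SecurityException("email not verified");
    }
    // Constant-first equals also rejects a token that carries no hd claim at all.
    if (!requiredDomain.equals(claims.get("hd"))) {
      throw new SecurityException("unexpected hosted domain");
    }
    String subject = claims.getSubject();
    if (subject == null || subject.isEmpty()) {
      throw new SecurityException("token has no subject");
    }
    return subject;
  }
}
```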
codecov bot commented Apr 24, 2020

Codecov Report

Merging #420 into master will increase coverage by 0.36%.
The diff coverage is 83.87%.

```diff
@@             Coverage Diff              @@
##             master     #420      +/-   ##
============================================
+ Coverage     79.50%   79.86%   +0.36%
- Complexity      397      409      +12
============================================
  Files            27       28       +1
  Lines          1800     1927     +127
  Branches        186      201      +15
============================================
+ Hits           1431     1539     +108
- Misses          269      280      +11
- Partials        100      108       +8
```

| Impacted Files | Coverage Δ | Complexity Δ |
|---|---|---|
| ...ttp/java/com/google/auth/oauth2/TokenVerifier.java | 83.87% <83.87%> (ø) | 12.00 <12.00> (?) |
| ...tp/java/com/google/auth/oauth2/UserAuthorizer.java | 77.59% <0.00%> (+0.12%) | 20.00% <0.00%> (ø%) |
| ...om/google/auth/appengine/AppEngineCredentials.java | 75.47% <0.00%> (+0.96%) | 16.00% <0.00%> (ø%) |
| ..._http/java/com/google/auth/oauth2/OAuth2Utils.java | 67.21% <0.00%> (+1.63%) | 12.00% <0.00%> (ø%) |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 662bd80...96aabab.

@chingor13 chingor13 marked this pull request as ready for review May 28, 2020 19:43
@chingor13 chingor13 requested a review from a team as a code owner May 28, 2020 19:43
@chingor13 chingor13 requested a review from bshaffer May 28, 2020 19:43
@bshaffer commented

@BenWhitehead @elharo If you have no additional concerns can one of you approve this PR?

@chingor13 chingor13 merged commit 5014ac7 into googleapis:master Jun 24, 2020
@chingor13 chingor13 deleted the verify-id-token-instance branch June 24, 2020 19:58
Successfully merging this pull request may close these issues.

FR: jwt validate